THIS KNOWLEDGE BASE HAS BEEN ARCHIVED AND IS NO LONGER BEING UPDATED
Please visit library.nagios.com/docs for the latest and most up-to-date documentation.
All Categories
Home » Categories » Multiple Categories

Nagios XI - LDAP / Active Directory - Import Users Certificate Issues
Article Number: 524 | Rating: 1/5 from 3 votes | Last Updated by rspielman on Tue, Feb 9, 2021 at 10:34 AM

Problem Description

When using the "LDAP / Active Directory Import Users" component in Nagios XI you may receive an error like the following when attempting to login:

Unable to authenticate: TLS error-8179:Peer's Certificate issuer is not recognized.

 

Issues like these can occur when the certificate you've added to Nagios XI is for a root CA when a subordinate CA is what actually issued the certificate, this subordinate CA certificate will also need to be uploaded.

 

Resolving the Problem

Delete Certificates

First step is to remove the existing certificates.

  • Log into the Nagios XI Web interface

  • Navigate to Admin > Users > LDAP/AD Integration

    • Under the Certificate Authority Management section

    • Delete all the existing certificates by clicking the X icon in the Actions column

 

Ensure Environment Is Correctly Setup

Log into your Nagios XI server in an SSH session and execute the following commands:

mkdir -p /etc/openldap/cacerts
chown apache.nagios /etc/openldap /etc/openldap/cacerts /etc/openldap/certs
chmod 664 /etc/openldap/ldap.conf
chmod 775 /etc/openldap /etc/openldap/certs /etc/openldap/cacerts
sed -i 's/TLS_CACERTDIR/#TLS_CACERTDIR/g' /etc/openldap/ldap.conf
echo "TLS_CACERTDIR /etc/openldap/cacerts" >> /etc/openldap/ldap.conf

 

The last step is to restart the Apache service using one of the commands below:

 

RHEL 7 | CentOS 7 | Oracle Linux 7

systemctl restart httpd.service

 

Debian | Ubuntu 16/18

systemctl restart apache2.service

 

 

Add Certificates

Now add all the required CA certificates.

  • Log into the Nagios XI Web interface

  • Navigate to Admin > Users > LDAP/AD Integration

    • Under the Certificate Authority Management section

    • Click the Add Certificate button

      • Paste the text from your certificate and then click the Add Certificate button

    • Repeat until all the required certificates have been added

 

Once you have completed the above steps the Import Users functionality will work if the CA certificates match the LDAP / Active Directory they are authenticating against.

 

 

Final Thoughts

For any support related questions please visit the Nagios Support Forums at:

http://support.nagios.com/forum/



Special Offer For Knowledgebase Visitors! Get a huge discount on Nagios Log Server by clicking below.

Get 60% Off Nagios Log Server!

Did you know? Nagios provides complete monitoring of: Windows, Linux, UNIX, Servers, Websites, SNMP, DHCP, DNS, Email, Storage, Files, Apache, IIS, EC2, and more!
Posted by: on Tue, Jul 26, 2016 at 2:37 AM. This article has been viewed 10970 times.
Filed Under: System Configuration, Troubleshooting, User Management
1 (3)
Article Rating (3 Votes)
Rate this article
  • Icon PDFExport to PDF
  • Icon MS-WordExport to MS Word
Attachments Attachments
There are no attachments for this article.
Related Articles RSS Feed
Nagios XI - How to Integrate SNMP Traps With Nagios XI
Viewed 20024 times since Thu, Jan 28, 2016
Nagios XI - Maximizing Performance In Nagios XI
Viewed 7144 times since Thu, Jan 28, 2016
Nagios XI - Should You Change RRD Retention Periods?
Viewed 7009 times since Sun, Nov 12, 2017
Nagios XI - Securing Your Nagios Server - NWC13
Viewed 7105 times since Thu, Feb 4, 2016
Nagios XI - How to Authenticate and Import Users with Active Directory
Viewed 10247 times since Wed, Jan 27, 2016
Nagios XI - Profile Build Failed
Viewed 15079 times since Tue, Aug 2, 2016
Nagios XI - Enabling Memcached Support
Viewed 6950 times since Wed, Jan 27, 2016
VMWare checks timing out or slow
Viewed 4742 times since Fri, Feb 11, 2022
Nagios XI - Managing Components
Viewed 6181 times since Wed, Jul 19, 2017
Nagios XI - Virtual Machine Notes
Viewed 8005 times since Thu, Jan 28, 2016
Subscribe to knowledge base
Get notified when new articles are added to the knowledge base.
Nagios