[Nagiosplug-devel] [ nagiosplug-Bugs-1402262 ] check_http SSL doesn't work for Tomcat servers
SourceForge.net
noreply at sourceforge.net
Wed Mar 1 04:01:01 CET 2006
Bugs item #1402262, was opened at 2006-01-11 00:01
Message generated for change (Comment added) made by at-one
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1402262&group_id=29880
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: Release (specify)
Status: Open
Resolution: None
Priority: 5
Submitted By: richard (rag777)
Assigned to: Nobody/Anonymous (nobody)
Summary: check_http SSL doesn't work for Tomcat servers
Initial Comment:
check_http fails with CRITICAL - Cannot retrieve server
certificate for checks against Tomcat servers.
This is from release 1.4.2 and tested against Tomcat
4.x and 5.x servers. It is completely reproducable.
This example works:
check_http --ssl www.verisign.com
HTTP OK HTTP/1.1 200 OK - 30606 bytes in 1.754 seconds
|time=1.754026s;;;0.000000 size=30606B;;;0
This example fails:
check_http --ssl www.icpkp.com
CRITICAL - Cannot retrieve server certificate.
I have tried this against a bunch of Tomcat sites and
always get the same result. I also get it when trying
against a self-signed certificate.
The browsers access the certificate fine, and don't
report any problems.
Any help would be greatly appreciated!
----------------------------------------------------------------------
Comment By: David Kelly (at-one)
Date: 2006-03-01 11:59
Message:
Logged In: YES
user_id=1275092
I can't comment on Tomcat servers but it seems this error
also applies to site certificates using the AES cipher:
insight2:/s2s/apps/nagios-plugins# ./check_http --ssl
www.verisign.com
HTTP OK HTTP/1.1 200 OK - 31062 bytes in 1.206 seconds
|time=1.205539s;;;0.000000 size=31062B;;;0
insight2:/s2s/apps/nagios-plugins# ./check_http --ssl
www.e-paycobalt.com
CRITICAL - Cannot retrieve server certificate.
e-paycobalt.com is just one of many of our customer sites
using the aes encrypted certificates that I have tested this
on. All fail with the same error.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1402262&group_id=29880
More information about the Devel
mailing list