check_http - support TLS v1.2 (#1338)

[frnkblk at iname.com]

Can we tweak this feature such that we can list which SSL/TLS versions to use/try?

 

Also, what do we need to do support HTTP 2.0?

 

Frank

 

From: Devel [mailto:devel-bounces+frnkblk=iname.com at monitoring-plugins.org] On Behalf Of J Adams
Sent: Tuesday, September 15, 2015 6:19 AM
To: Monitoring Plugins Development <devel at monitoring-plugins.org>
Subject: Re: check_http - support TLS v1.2 (#1338)

 

--ssl=1  turns off auto negotiation. Against a site that offers only 1.2, using -S without specifying the version works for me. 

 

On Tue, Sep 15, 2015 at 6:00 AM, seccentral <notifications at github.com <mailto:notifications at github.com> > wrote:

Don't know about their/his/her setup but i've tried and by default it's auto (right ? manual sais so anyway) 
" -S, --ssl=VERSION
Connect via SSL. Port defaults to 443. VERSION is optional, and prevents
auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3)."
so even if i use -S --ssl=1 it still fails. albeit with a different error: (with --ssl=1)
CRITICAL - Cannot make SSL connection.
140318164997776:error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1 alert internal error:s3_pkt.c:1294:SSL alert number 80

—
Reply to this email on GitHub <https://github.com/monitoring-plugins/monitoring-plugins/issues/1338#issuecomment-140342586> .  <https://github.com/notifications/beacon/AFQl2Qx4A0UKB7wvivsXbMnsVtZxrhKhks5ox-POgaJpZM4EXI0C.gif> 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-plugins.org/archive/devel/attachments/20150920/05037493/attachment.html>