[Nagiosplug-help] check_http --ssl problem

Peter Radcliffe pir at pir.net
Fri Oct 3 09:39:06 CEST 2003


I got an off-list fix for this problem which the author (thanks Tom !)
said I could pass onto the list in case others hit the same problem.

P.

Peter Radcliffe <pir at pir.net> probably said:
>   > ~nagios/libexec/check_http --ssl -C 30 -H nagios.net.tufts.ednu
>   24750:error:140820A7:SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM
>   :missing export tmp rsa key:s3_clnt.c:1952:
>   HTTP CRITICAL - Could not make SSL connection

Tom Shohfi <tshohfi at empoweringmedia.com> probably said:
> Sorry I did not post this to the nagiosplug-help mailing list, but right now
> I really don't need to join yet another mailing list!
> 
> I had the same problem as you did with the check_http plugin and monitoring
> SSL certs.  The problem exists with the SSLv23_client_method function, which
> is not correctly rolling back to SSLv2.  The check_tcp plugin uses the SSLv2
> function only, so it works fine.  Here's a patch that I applied that is
> restoring functionality.
> 
> Share this on the list if you like.
> 
> ----
> Tom Shohfi
> Empowering Media
> 
> --- check_http.c.orig   Mon Jun 30 07:56:08 2003
> +++ check_http.c        Fri Oct  3 11:59:39 2003
> @@ -882,7 +882,7 @@
> 
>         /* Initialize SSL context */
>         SSLeay_add_ssl_algorithms ();
> -       meth = SSLv23_client_method ();
> +       meth = SSLv2_client_method ();
>         SSL_load_error_strings ();
>         if ((ctx = SSL_CTX_new (meth)) == NULL) {
>                 printf ("ERROR: Cannot create SSL context.\n");
> 

-- 
pir





More information about the Help mailing list