[Nagiosplug-help] check_ldaps problems

[David Cooley]

I am trying to set up LDAP monitoring of Secure LDAP servers.
the version of the plugin is: 
 
check_ldaps v1753 (nagios-plugins 1.4.11)

and I am running Nagios 3.06.
The problem I get is that I cannot connect at all to the secure port on the Directory Servers, or the Directory Proxy Server...
I get the following:
ldap_bind: Can't contact LDAP server (-1)
Could not bind to the ldap-server
I have tried using the IP of the host, the hostname with and without the fqdn...
the command is:


./check_ldaps -H host.example.com -b ou=people,o=something,dc=example,dc=com -p 3636 -D uid=12345,ou=applications,o=something,dc=example,dc=com -P password -3

the error I see in the proxy server log is:

[23/Dec/2008:14:15:19
-0800] - CONNECT    - INFO  - conn=1347 client=xxx.xxx.xxx.xxx:46075
server=xxx.xxx.xxx:3636 protocol=LDAPS
[23/Dec/2008:14:15:19
-0800] - PROFILE    - INFO  - conn=1347 assigned to connection handler
cn=default connection handler, cn=connection handlers, cn=config
[23/Dec/2008:14:15:19
-0800] - DISCONNECT - INFO  - conn=1347 reason="other" msg="Exception
caught while polling client connection LDAPS.xxx.xxx.xxx.xxx.46075 --
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext
connection?"

and the other error on the Proxy I see is:
[23/Dec/2008:14:32:35
-0800] - DISCONNECT - INFO  - conn=1358 reason="other" msg="Exception
caught while polling client connection LDAPS.xxx.xxx.xxx.xxx.36580 --
javax.net.ssl.SSLException: Inbound closed before receiving peer's
close_notify: possible truncation attack?"

I can connect fine from the Nagios server with a commandline LDAP browser...

Any and all help appreciated.
 
David Cooley 
Messaging and Identity Management Administrator


      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-plugins.org/archive/help/attachments/20081223/7a20dfc1/attachment.html>