Hello!
On 09/04/2015 02:10 AM, Horatiu N wrote:
> Long story short,
> latest icinga on latest debian,
> I have a host that I do some https availability checks but i get this in
> the icingaweb2 interface:
> the host is www.triple.site
>> CRITICAL - Cannot make SSL connection.
>>
>> 47083947872336:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
>> alert internal error:s23_clnt.c:770:
>
> i try from the cli using openssl
> openssl s_client -connect www.triple.site:443
>> CONNECTED(00000003)
>> 139664286357136:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
>> alert internal error:s23_clnt.c:770:
>
> i try using a suggestion on the launchpad openssl bugtracker :
> openssl s_client -connect www.triple.site:443 -cipher 'DEFAULT:!ECDH'
>
> - And this one works -
>
> Now how could i adapt it to fit the check_http plugin ?
> I know this is more of a openssl related question but i'm at a loss
> since check_http plugin doesnt give me the option to use another ssl lib.
>
`-S` / `--ssl` flag should do the job and you do not need any option to
set the ssl lib.
-S, --ssl=VERSION
Connect via SSL. Port defaults to 443. VERSION is optional, and
prevents auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3).
Are you using default `check_http` commands from default installation
from icinga2 ? Or you was rebuild `check_http` commands?
>
>
> _______________________________________________
> icinga-users mailing list
> icinga-users@lists.icinga.org
> https://lists.icinga.org/mailman/listinfo/icinga-users
>
_______________________________________________
icinga-users mailing list
icinga-users@lists.icinga.org
https://lists.icinga.org/mailman/listinfo/icinga-users
