[Xymon] OpenSSL Errors for some https tests
Henrik Størner
henrik at hswn.dk
Mon Sep 17 23:19:34 CEST 2012
On 17-09-2012 22:40, Michael Gallen wrote:
> I am migrating from Hobbit 4.2.0 on CentOS 5.5 to Xymon 4.3.9 on CentOS 6.2
>
> Everything works fine on CentOS 5.5 but on CentOS 6.2 we get SSL errors
> for some of our https sites.
>
> Some https sites test ok, others always fail.
>
> Hobbit uses openssl 0.9.8e-12.el5_5.7
>
> Xymon uses openssl 1.0.0-25.el6_3.1
>
> The error also displays when testing with wget and openssl –debug,
> please see below..
OK, so you've narrowed it down to the change of openssl version, not the
Hobbit/Xymon upgrade.
> OpenSSL: error:140773F2:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
> unexpected message
>
> Unable to establish SSL connection.
I don't know if CentOS did, but the Ubuntu version of OpenSSL - perhaps
also Debian - disabled support for SSLv2 somewhere between 0.9.8 and
1.0. Could this be the reason - that your failing site only supports the
older SSLv2 protocol ?
You can also try forcing it to connect using only TLS or only SSLv3
(there are some openssl options for that). Perhaps one of those work?
Regards,
Henrik
More information about the Xymon
mailing list