[Xymon] https failure in 4.3.4, not in 4.2.3

Henrik Størner henrik at hswn.dk
Wed Aug 31 21:45:31 CEST 2011


> I upgraded my last xymon server from 4.2.3 to 4.3.4 this morning. It went well, except for one little thing. https tests.
[snip]
> If I run a curl on the site, I get:
>
> $ curl https://iadnasp1
> curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
> error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
[snip]
> So, we have an internal CA. So I'm guessing I need to install the CA's certificate of authority to clear this issue up?

No, you don't. Xymon doesn't perform validation of certificate chains 
like curl does - essentially, Xymon behaves like curl with the 
"--insecure" option.

Try running "xymonnet --version" to see if it is able to load the SSL 
library at all - you should see the SSL library version listed. If that 
doesn't give you a clue, run "xymoncmd xymonnet --debug HOSTNAME" and 
see what details it gives about why it cannot connect to the site.


Regards,
Henrik



More information about the Xymon mailing list