[xymon] sslcert

Xymon User in Richmond hobbit at epperson.homelinux.net
Thu Jan 20 20:00:08 CET 2011


On Thu, January 20, 2011 12:35, dOCtoR MADneSs wrote:
> Le 20/01/2011 17:52, Xymon User in Richmond a écrit :
>>
>> On Thu, January 20, 2011 11:10, Root, Paul wrote:
>>> That's a lot of stuff on each line.  I've never done multiple URLs on
>>> a single host. What does that do for you?
>>>
>>> I put the URL on the line of the server.
>>>
>>> Is tata by chance the real host of one of the URLs you put on the
>>> toto line?
>>>
>>>
>>> Paul Root Lead Internet Systems Eng Qwest Network Services
>>>
>>>
>>> -----Original Message----- From: dOCtoR MADneSs
>>> [mailto:doctor at makelofine.org] Sent: Wednesday, January 19, 2011 2:48
>>>  PM To: xymon at xymon.com Subject: Re: [xymon] sslcert
>>>
>>> Le 19/01/2011 20:06, Root, Paul a écrit :
>>>> What do your lines in hosts.cfg look like for these two servers?
>>>> -----Original Message----- From: dOCtoR MADneSs
>>>> [mailto:doctor at makelofine.org] Sent: Wednesday, January 19, 2011
>>>> 12:45 PM To: xymon at xymon.com Subject: [xymon] sslcert
>>>>
>>>> Hi
>>>>
>>>> My xymon server has a strange behaviour.I have a host called tata
>>>> running SSLed services. The tests are all OK. But when I go to
>>>> sslcert test page, I see the information from another host (called
>>>> toto). Their SSL certificates are differents, and all my other
>>>> hosts have their own SSL informations. The host toto is the xymon
>>>> server itself, running xymon-4.3.0-beta3 client and server. The
>>>> host 'tata' is running xymon 4.2.2.
>>>>
>>>> Thank for any help.
>>>>
>>>> Regards, Damien
>>> Here is the hosts.cfg content : 127.0.0.1   toto    # bbd ftp
>>> http://wikileaks.makelofine.org https://wikileaks.makelofine.org
>>> http://www.raclo.fr http://www.pleinphares.fr
>>> http://www.xenon-tuning.fr http://www.hoodmark.fr
>>> http://www.chasseresse.com https://mailadmin.makelofine.org
>>> https://www.makelofine.org http://www.skapiso.com
>>> http://www.galey-ariege.fr http://photos.makelofine.org
>>> http://www.warcho.net https://test.makelofine.org
>>> dns=galey-ariege.fr,skapiso.com,loozah.com,manurevah.com,loloack.com,
>>> make lofine.org smtp ssh imap imaps pop3 smtps pop3s apt
>>> apache=http://localhost/server-status?auto libs bind postfix mysql
>>> hardware ntpq
>>> TRENDS:*,!la,vmstat:vmstat1|vmstat2|vmstat3|vmstat4|vmstat5,apache:ap
>>> ache
>>> |apache1|apache2|apache3,mysql:mysql|mysqlslow|mysqlqueries|mysqltabl
>>> es|m
>>> ysqlopens|mysqlflush|mysqlquestions,hardware:hardware|fans|voltages,m
>>> ailg
>>> raph:mailgraph-rejected|mailgraph-local|mailgraph-amavis|mailgraph-sp
>>> amd|
>>> mailgraph-postgrey|mailgraph-postgrey-passed|mailgraph-loglines|mailg
>>> raph -runtime
>>>
>>> 1.2.3.4 tata # DESCR:"server:Serveur Linux" smtp imap imaps bind pop3
>>>  pop3s postfix libs
>>> TRENDS:*,inode,ntpstat,vmstat:vmstat1|vmstat2|vmstat3|vmstat4|vmstat5
>>> ,dis
>>> k:disk|iostat-disk|iostat-part,mailgraph:mailgraph-rejected|mailgraph
>>> -loc
>>> al|mailgraph-amavis|mailgraph-spamd|mailgraph-postgrey|mailgraph-post
>>> grey
>>> -passed|mailgraph-loglines|mailgraph-runtime,mysql:mysql|mysqlslow|my
>>> sqlq ueries|mysqltables|mysqlopens|mysqlflush|mysqlquestions samba
>>> ntpq ssh
>>>
>>>
>> So, the real root top-posts.  ;)
>>
>> Yeah, that looks funny to me, too.  Using a bb-hosts/hosts.cfg line to
>> test URLs not on that server is probably a novel way to test external
>> stuff and group it all together.  toto's sslcert page should be showing
>>  four external certs plus the local imaps and pop3s certs.  Assuming
>> that's really all one line--I don't see any "\" escapes.
>>
>> But the issue reported is with a different line.  tata should be
>> showing its imap2 and pop3s certs, unless they're the same in which
>> case it would be listed once.  I assume we're quite certain that toto
>> and tata don't use the same pops/imaps certs.
>>
>> Which certs from toto is tata reporting?  Just its own pops/imaps, or
>> all of them including the ones from the external https URLs?  I assume
>> we're quite certain that toto and tata don't use the same pops/imaps
>> certs.
>>
>
> tata reports SSL certs from toto for imaps and pop3s. Actually, tata does
> not run any other SSL service.
>

Bottom-post to top-post and back again gets kinda weird. But I try to go
with the flow (ever since one of our crustier participants unloaded on me
for grousing).

The tata thing is also pretty weird.  I've tried mucking around with a
sandbox setup trying to replicate it, and can't find anything short of the
two host names resolving to the same IP.  I presume the conn data for tata
is showing the correct IP for that machine?







More information about the Xymon mailing list