[Xymon] Missing support for HTTP/2 ?
J.C. Cleaver
cleaver at terabithia.org
Wed Nov 1 21:57:43 CET 2023
On Wed, November 1, 2023 07:53, Axel Beckert wrote:
> Hi,
>
> On Wed, Nov 01, 2023 at 02:21:04PM +0100, Ingeborg Hellemo via Xymon
> wrote:
>> I have a webserver which works ok when you visit it in a browser or when
>> you
>> use curl, but Xymon http test shows "SSL error". Tests with "openssl
>> s_client"
>> from the command line works as expected.
>>
>> Could the culprit be that xymonnet does not support HTTP/2 ?
>
> I don't think so. It's probably more an issue of incompatible ciphers
> or so. Or is that an HTTP/2-only server? So far I'm also not aware of
> any HTTP/2 only (production) web server. Maybe this will come in the
> future.
>
> But yeah, as far as I know, xymonnet does not support HTTP/2 — nor
> HTTP/3. Then again, it might be possible to implement a minimal client
> via protocols.cfg hex syntax like with e.g. ajp13 or rdp. But if the
> handshake needs anything outside the standard TLS handshake (and I'm
> not that versed in HTTP/2), it will not work.
>
> And indeed, builtin xymonnet support for HTTP/2 and HTTP/3 would be
> nice, especially if you could monitor the availability of protocol
> versions separately (like for HTTPS and HTTP). But I suspect this
> would need an 3rd party library like curl or nghttp2 to be used.
>
A basic http/2 check really would be useful, but agreed I wouldn't want to
add in another library unless, like with openldap, it's just too complex
to do otherwise. I haven't looked into the binary header packing involved
too much. This was another backburnered item on the list, but if there's
demand for /2 testing specifically then it should be bumped up.
-jc
More information about the Xymon
mailing list