[Xymon] SSL/HTTPS enabling on existing Xymon Server

Phil Crooker Phil.Crooker at orix.com.au
Mon Aug 8 01:56:00 CEST 2016


You can't test for https just with config changes, it must be enabled in the compiled binaries. Jeremy was saying this only involves the xymonnet binary. You can compile xymon with openssl enabled, then just manually copy the xymonnet file into $XYMONHOME/bin.


You'll want to make a copy of the old xymonnet file before doing this as a backup. Probably you'll also need to match your existing environment (path for XYMONHOME, etc as per the xymon configuration script) - safer that way.


Another way would be to write an ext script that calls external programs to do the testing - a lot more work but could be done.



________________________________
From: Xymon <xymon-bounces at xymon.com> on behalf of Raja Shekar <shekar.raaja at gmail.com>
Sent: Friday, 5 August 2016 11:29 PM
To: Jeremy Laidman
Cc: xymon at xymon.com
Subject: Re: [Xymon] SSL/HTTPS enabling on existing Xymon Server

Hello Jeremy,

Thank you for getting back on this. I am trying to enable monitoring probes of other servers that runs on HTTPS Services to do the health checks.  I didn't install the xymon in the existing environment, Looks like who ever did they didn't include Openssl-Devel package. I dont wannt to recompile/reinstall the existing Xymon as we already in production. It would be helpful if I can make any config changes to achieve the HTTPS functionality. Hope this explains my problem.

Please feel free to reach me if any concerns. Once again I really appreciate your efforts on responding to the issue. Looking forward to here from you.

Thanks and Regards
Raja Shekar














On Wed, Aug 3, 2016 at 9:04 PM, Jeremy Laidman <jlaidman at rebel-it.com.au<mailto:jlaidman at rebel-it.com.au>> wrote:
Raja

On Thu, Jun 23, 2016 at 4:10 PM Raja Shekar <shekar.raaja at gmail.com<mailto:shekar.raaja at gmail.com>> wrote:
Hello Xymon Team,

I would like to enable SSL on XYMON Server to support https requests. As I am seeing connection time out errors for HTTPS URL's.

Our configuration supports HTTP perfectly fine and for your information it is in production and live, so we don't want to do reinstall of Xymon servers. Rather than is there any configuration changes we can make on existing configs and do the server restart??

Xymon Version we are using
Xymon version 4.3.7

I just installed Openssl
OpenSSL 1.0.1e-fips 11 Feb 2013

Please let me know if any concerns.

Just to be clear, are you asking about enabling HTTPS connections to the webserver that is used to present the Xymon pages?  Or enabling monitoring probes of other servers that run HTTPS services?  All assume you mean the latter.

How did you install Xymon?  Did you install from a package, or compile from source code?  If the latter, then you probably need to re-compile Xymon so that it can include support for OpenSSL.  Also, if you installed OpenSSL from a package, make sure you have the "openssl-devel" package installed as that is required for other programs to link against the OpenSSL libraries at compile time.

I think the only binary that uses OpenSSL is xymonet, so you might be able to get away with only replacing this binary.

J




--
Raja Shekar

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20160807/9099ae8d/attachment.html>


More information about the Xymon mailing list