[Xymon] SSL checks no longer working on 4.3.26?

J.C. Cleaver cleaver at terabithia.org
Wed Feb 24 17:22:27 CET 2016


Hi Josh,


Gotcha. Yes, as of Xymon 4.3.22 401's and 403's (all 4xx, really) are
considered alert states instead of green. Explicitly allowing them (or
taking a '301' from warning back to green) can be done, but it's not a
globally available option yet.


To change a specific test, use the 'httpstatus' prefix to the regular
HTTP(s) check:

192.168.0.0 foobar.com # https://secure.example.com/

192.168.0.0 foobar.com # httpstatus;https://secure.example.com/;403;


cf. https://xymon.com/help/manpages/man5/hosts.cfg.5.html#lbAR



HTH,
-jc



On Wed, February 24, 2016 8:11 am, Jason Chambers wrote:
> Ahh, maybe that's it. All the HTTPS checks went to red stating Forbidden.
> I guess it's actually parsing the state of the HTTP and not just checking
> if the port is alive? Is there tag I can use that would do the old method
> and just tell me if the port is up and responding, and not the HTTP
> response codes?
>
> Jason Chambers
> Network Administrator | Geosoft
> geosoft.com | blog | twitter | linkedIn | facebook | T +1 416.369.0111
> #344 | M +1 416.508.1410
>
>
> -----Original Message-----
> From: J.C. Cleaver [mailto:cleaver at terabithia.org]
> Sent: February 24, 2016 11:09 AM
> To: Jason Chambers <Jason.Chambers at geosoft.com>
> Cc: Xymon Mailing List <xymon at xymon.com>
> Subject: Re: SSL checks no longer working on 4.3.26?
>
> On Wed, February 24, 2016 6:46 am, Jason Chambers wrote:
>> Hi All,
>>
>> I just did an upgrade from 4.3.21 to 4.3.26 and all of a sudden all of
>> my SSL checks stopped working even though I configured the Makefile to
>> use SSL. Is there a change that I'm unaware of that I need to make? I
>> have reverted back to 4.3.21 for now.
>
>
> Hi Jason,
>
> There were some SSL certificate parsing fixes in 4.3.25, and a few
> alterations in 4.3.22 to bring in additional certificate details, but
> nothing that should have broken all SSL testing, nor any real changes in
> the build process that I recall.
>
> Are the tests reporting 'red' now, or simply 'purple' (not reporting at
> all)?
>
> Can you provide the system you're building on, and the config output? If
> it's built properly, xymonnet should indicate the OpenSSL version it's
> using near the top of its own test results. e.g.:
>
>  xymonnet version 4.3.26
>  SSL library : OpenSSL 1.0.1e 11 Feb 2013  LDAP library: OpenLDAP 20440
>
> -jc
>
>





More information about the Xymon mailing list