[Xymon] False SSL cert alerts
Jeremy Laidman
jlaidman at rebel-it.com.au
Thu Jun 29 02:19:13 CEST 2017
On 29 June 2017 at 10:10, Phil Crooker <Phil.Crooker at orix.com.au> wrote:
> Well, I'm sure you'll learn quite a bit about certificates before you are
> done ;-)
>
I think this has nothing to do with certificates.
> This can be difficult to troubleshoot as it is all encrypted (or won't
> work at all because it is so broken that it can't be encrypted)! There are
> the errors: write:error=104, no peer cert and no cert CA names. You will
> just need to work out what is happening.
>
And to me, most telling:
SSL handshake has read 0 bytes and written 247 bytes
So, "read 0 bytes". That means the web server didn't send a single packet
during the SSL handshake, which is (I believe) the very first thing that
happens. The webserver (probably) accepted a connection, but then sent
nothing.
> As Jeremy said, look at the server logs (esp the startup part).
>
Actually, John said this first. I just reiterated.
Zoltan: please look at your webserver logs for errors and let us know what
you see. If Apache, will probably be a file called error_log or
ssl_error_log or something like that. Perhaps you can run a "tail -f" on
the logfile, and at the same, run the openssl command again.
J
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20170629/f69c1a5b/attachment.html>
More information about the Xymon
mailing list