[Xymon] Missing support for HTTP/2 ?
Uffe R. B. Andersen
urb at twe.net
Fri Dec 15 22:22:15 CET 2023
On 2023-11-08 13:14, Ingeborg Hellemo via Xymon wrote:
> tom at 4schmidts.com said:
>> HTTP/2 support is currently not in xymon, including in the 4.4alpha1
>> development tree. I did a little testing, and sites like google that support
>> HTTP/2 still pass the xymonnet checks as seen below:
> As you pointed out HTTP/2 is not part of the equation. (We turned it off
> completely on the server just to be sure).
>
> But I'm not any closer to resolving the issue. As I said, webpage in browser -
> no errors, curl - no errors, 'openssl s_client' no errors.
>
>
> ~/server/bin/xymonnet --debug --no-update <servername>
>
> 35422 2023-11-08 13:06:06.168385 1 status messages merged into 1 transmissions
> Address=[IP]:443, open=1, res=0, err=5, connecttime=0.000303,
> totaltime=0.002631,
> httpstatus = -5, open=1, errcode=5, parsestatus=0
> Response:
> (no headers)
> URL : https://<servername>/
> HTTP status : -5
> HTTP headers
> (NULL)
> HTTP output
> (NULL)
>
>
>
> Any ideas?
Anything in your xymonnet.log file? I just got the same error, after
upgrading my xymon server from FreeBSD 13.2 to 14.0. Turns out that
OpenSSl 3.0, which is included in FreeBSD 14.0 doesn't support TLS 1.0
out-of-the-box. My old switches only support TLS 1.0.
The xymonnet.log have these entries:
2023-12-15 21:03:49.454627 Unspecified SSL error in SSL_connect to https
(47873/tcp) on host 192.168.1x1.2x3: error:0A000152:SSL routines::unsafe
legacy renegotiation disabled
Of course, if your test tools use the same OpenSSL library as xymon,
they ought fail as well, but it sounds like an incompatible cipher issue.
--
Med venlig hilsen - Sincerely
Uffe R. B. Andersen - mailto:urb at twe.net
http://blog.andersen.nu/
More information about the Xymon
mailing list