[Xymon] False SSL cert alerts

Jeremy Laidman jlaidman at rebel-it.com.au
Thu Jun 29 02:19:13 CEST 2017

On 29 June 2017 at 10:10, Phil Crooker <Phil.Crooker at orix.com.au> wrote:

> Well, I'm sure you'll learn quite a bit about certificates before you are
> done  ;-)

I think this has nothing to do with certificates.

> This can be difficult to troubleshoot as it is all encrypted (or won't
> work at all because it is so broken that it can't be encrypted)! There are
> the errors: write:error=104, no peer cert and no cert CA names. You will
> just need to work out what is happening.
And to me, most telling:
SSL handshake has read 0 bytes and written 247 bytes

So, "read 0 bytes". That means the web server didn't send a single packet
during the SSL handshake, which is (I believe) the very first thing that
happens. The webserver (probably) accepted a connection, but then sent

> As Jeremy said, look at the server logs (esp the startup part).
Actually, John said this first. I just reiterated.

Zoltan: please look at your webserver logs for errors and let us know what
you see. If Apache, will probably be a file called error_log or
ssl_error_log or something like that. Perhaps you can run a "tail -f" on
the logfile, and at the same, run the openssl command again.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20170629/f69c1a5b/attachment.html>

More information about the Xymon mailing list