[Xymon] Monitoring websites using TLS1.3
martin at savcom.co.uk
martin at savcom.co.uk
Wed Mar 25 13:16:38 CET 2020
I'm trying to monitor a website that is operated on part of Cloudflare's
setup and I am failing to get a positive result. The website uses TLS1.3
and Xymonnet tells me that it was built USING OpenSSL v 1.1.0g (Xymon
version 4.3.28) which only handles TLS variants 1.0, 1.1, and 1.2.
I'm monitoring the server using the hosts.cfg entry:
0.0.0.0 Website # noconn nosslcert https3://www.website.com/
I've tried other httpsX variants and no joy. The result I get from the
website test is the rather sparse "- SSL error"
Digging into Xymonnet gives a more cryptic
Unspecified SSL error in SSL_connect to https (47873/tcp) on host
xx.xx.xx.xx: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert
handshake failure
I'm assuming the issue is around the version of OpenSSL, as the OpenSSL
v1.1.1 beta version manages TLS1.3 whereas OpenSSL v1.1.0g does not.
I have three questions:
- Is there a way of setting Xymon up to manage this monitoring?
- When is it planned to include OpenSSL v1.1.1 in a Xymon build?
- In the meantime, is it worth writing a simple script to test the
HTTPS response I need and feed this to Xymon separately?
Many thanks
Martin Davies
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20200325/a61394a2/attachment.htm>
More information about the Xymon
mailing list