-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 04/01/16 09:03 AM, Gereon Kremer wrote: > > Hello, > > I'm using nagios for website monitoring and recently one of the sites > was migrated to https. > I'll abstract from the nagios config now and directly show the problem > on the plugin. > > I now want to migrate the following command to https: > check_http -H <url> > > What works: > wget https://<url> > > What does not work (with result): > check_http -S -H <url> (timeout) > check_http --ssl -H <url> (timeout) > check_http --ssl=1 -H <url> (timeout) > check_http --ssl=2 -H <url> (SSL protocol version 2 is not supported > by your SSL library.) > check_http --ssl=3 -H <url> (sslv3 alert handshake > failure:s3_pkt.c:1294:SSL alert number 40) > check_http -p 443 -H <url> (timeout) Hi Gereon, Have you tried: check_https -H <url> check_http -S -p 443 -H <url> If I'm not mistaken, calling check_http as check_https does two things: 1. enable ssl (-S/--ssl), and 2. change the default port to 443 (check_https should be a symlink to check_http). When you set the port to 443, it's like doing "http://host:443/" : that will use normal http on an ssl connection which won't work. Similarly, I don't think check_http is smart enough to decide when it should change the default port to 443 unless when called as "check_https", so when you use -S/--ssl without explicitly setting port 443, it's like doing "https://host:80/" - going ssh on a non-ssh connection won't work neither. Regards, - -- Thomas -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlaKvX4ACgkQ6dZ+Kt5BchbeIwCgyH17A5sbRD+Bew4476PaG62d jZMAnA/SNVadYqN6UTWAvAyodlt7xl+J =jtlD -----END PGP SIGNATURE-----