Good Morning,
Am 08.03.2012 02:02, schrieb Michael Friedrich:
> On 07.03.2012 23:57, Michael Friedrich wrote:
>... added a new option to check_nrpe,...
Ok, with the new version daemon output is:
Mar 8 06:04:38 ntp nrpe[12938]: Using illegal meta characters
'"|`&><'\"[]{};"'
Mar 8 06:04:38 ntp nrpe[12938]: Added
command[check_part_root]=/usr/local/icinga/lib/check_disk -w 20% -c 10% -p /
Mar 8 06:04:38 ntp nrpe[12938]: IPv4 ACL: 127.0.0.1/32 16777343
Mar 8 06:04:38 ntp nrpe[12938]: IPv4 ACL: 192.168.3.7/32 117680320
Mar 8 06:04:38 ntp nrpe[12938]: IPv6 allowed_hosts: ::1,2001:4dd0:fb32:3::7
Mar 8 06:04:38 ntp nrpe[12938]: INFO: SSL/TLS initialized. All network
traffic will be encrypted.
Mar 8 06:04:38 ntp nrpe[12939]: Starting up daemon
Mar 8 06:04:38 ntp nrpe[12939]: Listening for connections on port 5666
Mar 8 06:04:38 ntp icinga-nrpe[12914]: Starting Icinga NRPE ..done
Mar 8 06:06:53 ntp nrpe[13100]: Connection from 127.0.0.1 port 11732
Mar 8 06:06:53 ntp nrpe[13100]: Host address 127.0.0.1 is in allowed_hosts
Mar 8 06:06:53 ntp nrpe[13100]: Handling the connection...
Mar 8 06:06:55 ntp nrpe[13100]: Error: Could not complete SSL handshake. 1
Mar 8 06:06:55 ntp nrpe[13100]: error:140890B2:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
Mar 8 06:06:55 ntp nrpe[13100]: no certificate returned
Mar 8 06:06:55 ntp nrpe[13100]: Connection from 127.0.0.1 closed.
and the client says:
./check_nrpe -H ntp.pries.name -C
/usr/local/icinga/etc/client_icinga-nrpe.crt -k
/usr/local/icinga/etc/client_icinga-nrpe_sin.key -r
/usr/local/icinga/etc/client_icinga-nrpe.crt -t 20 -v -c check_part_root
NRPE Plugin for Icinga
Copyright (c) 1999-2008 Ethan Galstad (nag...@nagios.org)
Copyright (c) 2010-2012 Icinga Development Team and Community
Contributors (http://www.icinga.org)
Version: 3.0-dev
Last Modified: 03-04-2012
License: GPL v2 with exemptions (-l for more info)
SSL/TLS Available: OpenSSL 0.9.6 or higher required
CHECK_NRPE: created SSL context.
CHECK_NRPE: SSL/TLS initialized. All network traffic will be encrypted.
CHECK_NRPE: Error - Could not complete SSL handshake.
CHECK_NRPE: error:00000000:lib(0):func(0):reason(0)
CHECK_NRPE: (null)
CHECK_NRPE: Error 0 - Failed to verify server x509 certificate.
CHECK_NRPE: error:00000000:lib(0):func(0):reason(0)
CHECK_NRPE: (null)
CHECK_NRPE: Common Name 'ntp.pries.name' in server certificate matches
host name 'ntp.pries.name'.
CHECK_NRPE: Got peer certificate.
CHECK_NRPE: SSL connection structure created.
CHECK_NRPE: Result not OK, bailing out ...
My conf is:
log_facility=daemon
pid_file=/var/run/icinga-nrpe.pid
server_port=5666
cert_file=/usr/local/icinga/etc/icinga-nrpe.crt
cacert_file=/usr/local/icinga/etc/icinga-nrpe.crt
privatekey_file=/usr/local/icinga/etc/icinga-nrpe_sin.key
nrpe_user=nagios
nrpe_group=nagios
allowed_hosts=127.0.0.1,192.168.3.7,::1,2001:4dd0:fb32:3::7
dont_blame_nrpe=0
debug=1
command_timeout=60
connection_timeout=300
illegal_metachars="|`&><'\"[]{};"
command[check_part_root]=/usr/local/icinga/lib/check_disk -w 20% -c 10% -p /
------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________
icinga-users mailing list
icinga-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/icinga-users
