CHECK_NRPE: Error - Could not complete SSL handshake

Nathan Oyler noyler at khimetrics.com
Tue Nov 30 17:37:48 CET 2004
Previous message: CHECK_NRPE: Error - Could not complete SSL handshake
Next message: CHECK_NRPE: Error - Could not complete SSL handshake
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I've fixed the problem. 

I'm not exactly sure what the problem is, but I've fixed it.

I did a google search for the error message and started reading through
the code to see what happens when it gives out the error message I was
getting.

To change all of the nrpe.cfg's I wrote my first perl script which
seemed quite successful. I can send that if you'd like.

To fix the problem, I deleted all whitespace from the end of the
allowed_hosts line and the next comment, then I added new whitespace.

Now it works.

I have no idea why it worked on one host and not another, as the edits
were done on every box with the exact same perl script, and look exactly
the same.

But, if I redo the whitespace manually, it fixes it.

If you'd like me to send the perl script, or one of these files that
doesn't work, let me know.

Thanks.

> -----Original Message-----
> From: nagios-users-admin at lists.sourceforge.net [mailto:nagios-users-
> admin at lists.sourceforge.net] On Behalf Of Nathan Oyler
> Sent: Tuesday, November 30, 2004 9:07 AM
> To: Andreas Ericsson; Nagios-users at lists.sourceforge.net
> Subject: RE: [Nagios-users] CHECK_NRPE: Error - Could not complete SSL
> handshake
> 
> 
> Below.
> 
> > Nathan Oyler wrote:
> > > I've read the frequently asked questions, and I am still stumped.
> > >
> > >
> > >
> > > I have Nagios running perfectly fine on one machine. I've planned
to
> > > move Nagios off of that machine, so installed a clean install of
> Fedora
> > > Core 3, and started going. Installed nagios 1.2 from source.
> Installed
> > > plugins from source. Installed nrpe plugin from source.
> > >
> > >
> > >
> > > On most machines I receive the "Could not complete SSL handshake"
> > >
> >
> > What does "ldd nrpe" say on your monitored systems? Unless they are
> > linked with openssl you won't be able to monitor them with an
> > ssl-enabled client. Try running the check_nrpe program with the "-n"
> > flag to turn ssl off.
> 
> [Nathan Oyler]
> 
> The machine that works, and the machine that doesn't both give the
exact
> same links when running ldd nrpe.
> 
> They are both linked with open ssl like
> 
> "        libssl.so.2 => /lib/libssl.so.2 (0x4001c000)"
> 
> However, when running check_nrpe using -n, both fail but with
different
> error messages.
> 
> A check from the currently stable and running Nagios on FC2 to a host
> that fails on the new nagios.
> 
> "sh-2.05b$ ./check_nrpe -n -H 7b1.dc
> CHECK_NRPE: Error receiving data from daemon."
> 
> A check from the currently stable and running Nagios to a host that
> works on the new nagios.
> 
> "sh-2.05b$ ./check_nrpe -n -H 7b2.dc
> CHECK_NRPE: Error receiving data from daemon."
> 
> A check from the machine failing with nrpe to a box that doesn't work
> for it.
> 
> "[root at triad8 plugins]# ./check_nrpe -n -H 7b1.dc
> CHECK_NRPE: Received 0 bytes from daemon.  Check the remote server
logs
> for error messages."
> 
> Nov 30 09:00:06 7b1 nrpe[6390]: Error: Could not complete SSL
handshake.
> 1
> Nov 30 09:02:37 7b1 nrpe[6405]: Host 172.16.1.138 is not allowed to
talk
> to us!
> Nov 30 09:03:25 7b1 nrpe[6407]: Host 172.16.1.138 is not allowed to
talk
> to us!
> 
> 
> The Allowed hosts field in nrpe.cfg does include 172.16.1.138 on both
> machines.
> 
> 
> 
> 
> 
> 
> >
> > >
> > >
> > > On a few machines, it works. These all work from the initial box I
> setup
> > > Nagios with.
> > >
> > >
> > >
> > > I have added the IP address in allow on every nrpe instance, as
well
> as
> > > restarted it. Some machines actually work, and display NRPEv2.0.
> > >
> > >
> > >
> > > Other machines on the same blade center do not work.  They should
be
> the
> > > exact same machines installed the exact same way. (Should being
> > > operative, but through history files I cannot find any
differences.
> > > These boxes were loaded within the last 2 months, barely touched
> since.)
> > >
> > >
> > >
> > > If I run the nrpe check from the box that currently runs Nagios I
> get
> > > NRPEv2.0
> > >
> > >
> > >
> > > Even on boxes that don't work from the new box.
> > >
> > >
> > >
> > > I have reinstalled Nagios from source. I've installed from RPM,
I've
> > > checked OPENSSL versions, which there is no pattern relevant to
the
> > > problem, and what version.
> > >
> > >
> > >
> > > I am completely stumped. I hate messaging the list with something
> that's
> > > explained on the FAQ and am awaiting what obvious thing I've
> overlooked.
> > >
> > >
> > >
> > >
> > > Thanks.
> > >
> > >
> >
> > --
> > Andreas Ericsson                   andreas.ericsson at op5.se
> > OP5 AB                             www.op5.se
> > Lead Developer
> >
> >
> > -------------------------------------------------------
> > SF email is sponsored by - The IT Product Guide
> > Read honest & candid reviews on hundreds of IT Products from real
> users.
> > Discover which products truly live up to the hype. Start reading
now.
> > http://productguide.itmanagersjournal.com/
> > _______________________________________________
> > Nagios-users mailing list
> > Nagios-users at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/nagios-users
> > ::: Please include Nagios version, plugin version (-v) and OS when
> > reporting any issue.
> > ::: Messages without supporting info will risk being sent to
/dev/null
> 
> 
> 
> 
> -------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from real
users.
> Discover which products truly live up to the hype. Start reading now.
> http://productguide.itmanagersjournal.com/
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
> reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null




-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null
Previous message: CHECK_NRPE: Error - Could not complete SSL handshake
Next message: CHECK_NRPE: Error - Could not complete SSL handshake
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Users mailing list