OpenSUSE Network :: Nagios Won't Monitor Service With Self Signed Cert

Jan 14, 2011

Updating my install of OpenSUSE from 11.0 to 11.3 and notice that the Nagios network monitor can no longer probe servers with self signed certs.It appears to be any monitor that used openssl 1.0.0 has an issue. If I install the openssl 0.9.8 libraries and use old plugins linked against it, they work fine.

View 9 Replies


ADVERTISEMENT

Security :: Can't Import A Cert - Signed With OpenSSL- Into A Java Key Store Using Keytool

Feb 11, 2011

When I do a "openssl x509 -in server1.pem -issuer -noout" after I've supposedly signed it with the CA, the issuer is, for some reason, the DN string of server1. If server1 generated the CSR, and it is coming up as issued by server1, doesn't that indicate a self signed cert? How could the CA be producing a cert that has an issuer of another server? Am I just completely off base? Sorry, I'm a bit of a newb with the SSL pieces.

I hope this is the right place for this, but I'm having some difficulty using the java keytool and OpenSSL tool on a Solaris system.

I have a server (CA server) with OpenSSL installed that I would like to use as a Certificate Authority. The second server (server1) is a WebLogic server with JDK 1.6.0_21. I'm trying to configure it to use a certificate that has been signed by server1.

For some reason it keeps giving me this error when I try to import the signed SSL certificate: keytool error: java.lang.Exception: Public keys in reply and keystore don't match

Am I doing something wrong in this whole process?

1) Generate the Private Key for the CA server
openssl genrsa -out CA.key -des 2048

2) Generate the CSR on the CA
openssl req -new -key CA.key -out CA.csr

3) Sign the new CSR so that it can be used as the root certificate openssl x509 -extensions v3_ca -trustout -signkey CA.key -days 730 -req -in CA.csr -out CA.pem -extfile /usr/local/ssl/openssl.cnf

4) On server1, create Server Private Key KeyStore keytool -genkey -alias server1 -keysize 2048 -keyalg RSA keystore server1.jks -dname "CN=server1.domain.com,OU=Organization,O=Company,L=City,ST=State,C=US"

5) On server1, create a CSR from the recently created Private Key
keytool -certreq -alias server1 -sigalg SHA1WithRSA -keystore server1.jks -file server1.csr

6) Transfer the CSR over to the CA (server1) so that it can be signed openssl x509 -extensions v3_ca -trustout -signkey CA.key -days 365 -req -in server1.csr -out server1.pem -extfile /usr/local/ssl/openssl.cnf

7) Transfer CA Public Cert to server1 and Import into keytool keytool -import -trustcacerts -alias CA_Public -file CA.pem -keystore server1.jks

8) Import recently signed CSR to app server keystore (This is where I receive the error) keytool -import -trustcacerts -alias server1 -file server1.pem -keystore server1.jks

View 1 Replies View Related

Server :: Postfix Rejecting Self-signed Cert On Remote Smtp Server?

Jun 24, 2011

I've got an uber simple test mail script in php on my awesome new dev machine running Ubuntu:

PHP Code:

Unfortunately, something is preventing mail delivery. I can't tell from this error log whether it's the remote machine rejecting me or whether it's my machine rejecting the self-signed cert on the remote machine:

Code:

I'm wondering what I could change in my postfix configuration to remedy this problem.

I tried setting smtp_tls_security_level = may = may but this did not change anything.

View 10 Replies View Related

OpenSUSE Network :: Connecting To WPA Enterprise Network Using A CA Root Cert?

May 2, 2011

I am facing an issue connecting to WPA Enterprise network using a CA Root Cert. I have traced it to a bug report here [URL] when the fix is going to get push?

View 4 Replies View Related

OpenSUSE Network :: Reinstall Ssl-cert Package Again?

Apr 5, 2011

I removed using yast the package "ssl-cert". At this point yast2 started throwing the error:

Code:
Download failed:
Download (curl) error for 'https://nu.novell.com/repo/repoindex.xml?cookies=0&credentials=NCCcredentials':
Error code: Unrecognized error
Error message: SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

And of course a redownload and install of ssl-cert is not possible,I get the same error So I tried downloading and installing the openssl package by hand, but still I got nowhere Does anyone knows how to reinstall this ssl-cert package again??

View 3 Replies View Related

Ubuntu Installation :: Add Hosts In Nagios - Monitor Network Properly?

Jun 3, 2011

I have installed ubuntu on Vmware.I work in Lan environment and I have 2 local linux servers in my office.I have installed nagios on ubuntu.but nagios doesnt show other hosts in office.How to do I add other hosts in the office in nagios so that I can monitor network properly?

View 1 Replies View Related

Ubuntu Security :: SSL Cert And CSR - Generating An HTTPS Cert For Apache And / Or Mail Access?

Aug 9, 2011

I'm about to create a CSR and was reading this page in the Ubuntu docs: [URL] A couple of things:

* There's no date on the article. The documentation needs DATES because this information gets out of date! Check MySQL docs, for instance -- they are organized by version.
* The instructions for generating a cert only specify 2048 bits. I believe that's kind of out of date? The verisign site has big red warnings saying you need 2048 if you want your cert to last past 2013 -- and that article is 4 years old!
* The instructions are confusing when discussing the passphrase. We enter a passphrase only to remove it immediately. We need some clarity here. Why do this?

How to understand the current best practices for generating an HTTPS cert for apache and/or mail access?

View 6 Replies View Related

Ubuntu :: Upload Manually Signed Packages To PPA That Are Showing Up As Not Signed?

Oct 14, 2010

am trying to upload packages o a PPA (packages that contain custom "sources.list"s designed to make upgrades or downgrades between Ubuntu releases easier) and, even after going through all that work to manually generate a key and sign them with gpg, dput still rejects them as "not signed".

View 3 Replies View Related

Software :: How To Add Service In Nagios

Sep 23, 2010

i have one service configured in windows, now want to monitor that service in nagios. in which configuration file do i need to make an entry of that particular service. and what are the steps .

View 3 Replies View Related

Server :: Add Dns And Dhcp Service To Be Monitered By Nagios?

Oct 3, 2010

I have installed nagios 3.2 on Rhel5. Now I want to add Dns and Dhcp service to be monitered by nagios (on local server). How can I add this services to get monitored by nagios. let us know the exact steps so that I can add this services in nagios.

View 1 Replies View Related

General :: Error Reading Information On Service Nagios

Mar 2, 2010

I am installing Nagios Monitoring tool in RHEL5 and I got stuck at one point. The details are as follows:
Nagios version:3.0.1
At the end of installation when I try to execute the command
#chkconfig --add nagios
Its displaying "error reading information on service nagios : no such file or directory".

View 5 Replies View Related

Networking :: How To Monitor Asterisk Using Nagios

Mar 31, 2011

What are the standard procedures to monitor asterisk with nagios? I downloaded check_asterisk from URL...

View 1 Replies View Related

General :: How To Monitor Printers In Nagios

Apr 12, 2011

anyone tell me how to monitor printers in Nagios

View 3 Replies View Related

Server :: Monitor Partition Other Than / In Nagios

Oct 1, 2010

I have a CentOS-5 Server with Nagios installed,through which I monitor three other servers.I want to monitor a Linux partition which is mounted under CentOS-5 server which has Nagios installed.

View 1 Replies View Related

Software :: How To Monitor Ms Exchange Under Nagios XI

Aug 6, 2011

i have installed Nagios XI server. now my requirement is to monitor below parameter of ms exchange server.

1) monitor server
2) services (pop,imap,smtp)
3) exchange mailbox size
4) Monitor mail queues on Exchange

if anybody has done above setup, so please share docs or related information.

View 1 Replies View Related

OpenSUSE Network :: Allow Openvpn Service In Firewall?

Jul 13, 2010

I can't get my openvpn work if the firewall is on , and I also don't see any option to allow openvpn service in firewall allow service.

View 1 Replies View Related

General :: How To Monitor Remote Host Using Nagios

Jan 14, 2011

Yesterday i install nagios, after that i can successfully monitor my local machine disk usage and its services, but now i want to monitor remote host, but have no idea how to do this , i also google alot but not getting resource full explanation.so please guys tell me how can i monitor the remote host using nagios..

View 54 Replies View Related

Software :: How To Monitor Wall Outlet With Nagios

Oct 20, 2010

Is there a way to monitor a wall outlet with nagios.I want to check if we got some power out of a wall outlet.This is to check whether we are running on the electricity network or on our diesel power generator.The wall outlet is connected only to the electricity network, so if there is no more power coming out of the outlet that mean that we are running on the diesel power generator.

View 2 Replies View Related

Software :: Monitor Mysql 5.0.77 With Nagios 3.2.1 Under CentOS 5.4?

Apr 7, 2010

Trying to monitor mysql 5.0.77 with nagios 3.2.1 under CentOS 5.4. Everything with nagios has been running without a hitch for me, however, when I added the following to /etc/nagios/objects/localhost.cfg to try to monitor mysql, I get an error that reads "Running configuration check... CONFIG ERROR! Restart aborted. Check your Nagios configuration."

define service{
use local-service
host_name localhost
service_description MYSQL
check_command check_mysql
notifications_enabled 1
}

This is pretty much what I added to monitor other things on the server such as ftp and smtp, just switched out check_smtp with check_mysql, etc.

View 2 Replies View Related

Software :: Not Able To Monitor Linux Host Under Nagios

Nov 15, 2010

I have installed nagios successfully also able to monitor windows hosts. but not able to monitor linux hosts. i have follow below procedure, installation part and evertything was ok.but still i am not able to see linux host under nagios. i followed below url for monitor linux hosts on nagios.URL...

View 3 Replies View Related

OpenSUSE :: The KDE Network Monitor Requires 3 Reboots Before Being Able To Connect To Wireless Network

Mar 10, 2011

After installing 11.4, I need to type in the command to update the firmware for a broadcom wifi adapter. Then I needed to reboot, twice, before the system knew to use the adapter (where the adapter wifi light goes from orange to blue).

Then I needed to add my wireless network and type in my key. But the key does not take. If I click on my wireless network icon, it just re-asks for the key and does not connect nor give any other message. Network icon continues to display no connection.

So I need to reboot again.

When the system starts again, the adapter is blue, I click on the icon for my wifi network and it connects without asking for my key and I can then set to start my wifi by default.

Now my wifi works fine.

View 1 Replies View Related

OpenSUSE Network :: Error - Cannot Enable Service SUSEFirewall2_setup

Mar 15, 2011

I am getting the error Cannot Enable Service SUSEFirewall2_setup when I try to set up the firewall in Yast.

11.4 x86-64
KDE 4.6.00

View 1 Replies View Related

General :: Nagios Monitor Tool Installation On Server

Jul 13, 2011

I am having individual Linux server and need to install nagios monitoring tool on the server. How to install on this linux server. I am using CentOS. Need to to monitor mysql and http services.

View 2 Replies View Related

Ubuntu :: Monitor Multiple Websites Nagios,Zabbix Conf?

Jan 12, 2010

I need to find a solution where I can monitor multiple sites at once and know when they go down. There are fraudulent sites (not mine I am in the infosec industry)

I have been playing with Nagios and Zabbix all day with not much luck. I have managed to get both installed and running and researched for hours. I just need to figure out how to add domain names to be monitored and I am stuck. I know you have to do it in the conf files but I cannot get a domain to show up?

View 3 Replies View Related

Fedora :: Start A Service Before Network Service?

Nov 6, 2010

I need to start a service before network service How to?

View 1 Replies View Related

OpenSUSE Network :: 11.3 - Windows7 - Clear Internet Service And Use A USB Modem To Connect

Jan 9, 2011

I have a lenovo desktop pc (WIN7) that I connect to the interrnet with. I have a custom built box (SuSE11.3). I have clear internet service and use a USB modem to connect to the internet. Clear does not make a Linux driver yet... I can connect to the Internet through VMware desktop with SuSE as the guest OS. However, I want to connect my other system to a router and my other PC. Would I be able to access the web with the linux box? I have a free NIC card on both pc's, I'm just not savvy enough to network them so if anyone could explain or tell me if it is even posssible to network the 2, My goal is to run SuSE on one, WIN7 on the other and access the internet from both.

View 3 Replies View Related

Networking :: Configure Nagios To Monitor Custom Port On A Remote Server?

May 27, 2010

configure nagios to monitor custom port on a remote linux server..

View 5 Replies View Related

Server :: Find Documents For Configuring Nagios In Order To Monitor Webapplications?

Dec 29, 2010

I just want to know how to monitor urls using nagios.i.e running web applications under tomcat. can any one pleasAe provide me links or docs that narrates,how to configure nagios in a way to monitor our web applications. we already configured nagios for monitoring remote servers load,login details, disk space etc. But we could not find any documents for configuring nagios in order to monitor webapplications.

View 1 Replies View Related

OpenSUSE Network :: Appropriate Directories To Monitor For Pci Compliance

Apr 19, 2011

There is no "security" forum so I figured I'd post this here.

Because of PCI compliance requirements, we are going to begin using the built-in audit utility that comes with SuSE to monitor file/directory changes. The utility comes pre-configured to monitor many system files but I was curious as if there is a standard list of files/folders that should be monitored for PCI compliance? I've scanned the web but haven't come across anything yet.

View 5 Replies View Related

OpenSUSE Network :: How Does A Server Without A Dedicated Monitor Work

Mar 29, 2011

When you need to change something on the server you can hook up a monitor and a keyboard and do it through the console.

I would like to hook up an external monitor in this fashion for a desktop. The current video card can only support a single display. So I was hoping there was someway to use a second monitor as just a permanent console since simple text shouldn't require a video card?

View 9 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved