Tim Dunphy
2015-May-01 19:28 UTC
[CentOS] Could not complete SSL handshake to Amazon EC2 host
Hi Brian, Does "iptables -L" show anything of note? I'm leaving iptables off in this host. Because it's an AWS EC2 host I'm managing the firewall ports using the AWS security groups. [root at ops:~] #service iptables status Firewall is stopped. But still, there's this... [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H ops.jokefire.com CHECK_NRPE: Error - Could not complete SSL handshake. Sadly.... :( Thanks for your input tho! On Fri, May 1, 2015 at 3:18 PM, Brian Miller <centos at fullnote.com> wrote:> On Fri, 2015-05-01 at 01:32 -0400, Tim Dunphy wrote: > > And I made sure the local firewall was stopped, because I am blocking > > ports > > with the security groups instead. > > > > [root at ops:~] #service iptables status > > Firewall is stopped. > > Does "iptables -L" show anything of note? > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >-- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
Brian Miller
2015-May-01 20:58 UTC
[CentOS] Could not complete SSL handshake to Amazon EC2 host
On Fri, 2015-05-01 at 15:28 -0400, Tim Dunphy wrote:> Hi Brian, > > Does "iptables -L" show anything of note? > > > I'm leaving iptables off in this host. Because it's an AWS EC2 host I'm > managing the firewall ports using the AWS security groups. > > [root at ops:~] #service iptables status > Firewall is stopped. > > But still, there's this... > > [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H ops.jokefire.com > CHECK_NRPE: Error - Could not complete SSL handshake. > > Sadly.... :( > > Thanks for your input tho!Does 'ldd /usr/local/nagios/bin/nrpe' show any missing libs?
Tim Dunphy
2015-May-01 21:10 UTC
[CentOS] Could not complete SSL handshake to Amazon EC2 host
Hi Brian, Does 'ldd /usr/local/nagios/bin/nrpe' show any missing libs?>Well, the NRPE binary looks good both on the client and the server from what I can tell: Client: [root at ops:~] #ldd /usr/local/nagios/bin/nrpe libssl.so.6 => /lib64/libssl.so.6 (0x00002aaaaaaba000) libcrypto.so.6 => /lib64/libcrypto.so.6 (0x00002aaaaad08000) libnsl.so.1 => /lib64/libnsl.so.1 (0x00002aaaab05a000) libwrap.so.0 => /lib64/libwrap.so.0 (0x00002aaaab273000) libc.so.6 => /lib64/libc.so.6 (0x00002aaaab47c000) libgssapi_krb5.so.2 => /usr/lib64/libgssapi_krb5.so.2 (0x00002aaaab7d5000) libkrb5.so.3 => /usr/lib64/libkrb5.so.3 (0x00002aaaaba04000) libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00002aaaabc99000) libk5crypto.so.3 => /usr/lib64/libk5crypto.so.3 (0x00002aaaabe9b000) libdl.so.2 => /lib64/libdl.so.2 (0x00002aaaac0c1000) libz.so.1 => /lib64/libz.so.1 (0x00002aaaac2c5000) /lib64/ld-linux-x86-64.so.2 (0x0000555555554000) libkrb5support.so.0 => /usr/lib64/libkrb5support.so.0 (0x00002aaaac4d9000) libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00002aaaac6e2000) libresolv.so.2 => /lib64/libresolv.so.2 (0x00002aaaac8e4000) libselinux.so.1 => /lib64/libselinux.so.1 (0x00002aaaacafa000) libsepol.so.1 => /lib64/libsepol.so.1 (0x00002aaaacd12000) And server: [root at monitor1:~] #ldd /usr/local/nagios/bin/nrpe linux-vdso.so.1 => (0x00007fffffffd000) libssl.so.10 => /lib64/libssl.so.10 (0x00007fdd51590000) libcrypto.so.10 => /lib64/libcrypto.so.10 (0x00007fdd511a9000) libnsl.so.1 => /lib64/libnsl.so.1 (0x00007fdd50f8f000) libc.so.6 => /lib64/libc.so.6 (0x00007fdd50bce000) libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007fdd50982000) libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007fdd5069e000) libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007fdd5049a000) libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007fdd50268000) libdl.so.2 => /lib64/libdl.so.2 (0x00007fdd50063000) libz.so.1 => /lib64/libz.so.1 (0x00007fdd4fe4d000) /lib64/ld-linux-x86-64.so.2 (0x00007fdd51806000) libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007fdd4fc3e000) libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007fdd4fa39000) libresolv.so.2 => /lib64/libresolv.so.2 (0x00007fdd4f81f000) libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fdd4f603000) libselinux.so.1 => /lib64/libselinux.so.1 (0x00007fdd4f3dd000) libpcre.so.1 => /lib64/libpcre.so.1 (0x00007fdd4f17c000) liblzma.so.5 => /lib64/liblzma.so.5 (0x00007fdd4ef57000) Both look completely fine! No missing libs. But thanks for the suggestion tho! Definitely not a bad idea to rule that out! Thanks, Tim On Fri, May 1, 2015 at 4:58 PM, Brian Miller <centos at fullnote.com> wrote:> On Fri, 2015-05-01 at 15:28 -0400, Tim Dunphy wrote: > > Hi Brian, > > > > Does "iptables -L" show anything of note? > > > > > > I'm leaving iptables off in this host. Because it's an AWS EC2 host I'm > > managing the firewall ports using the AWS security groups. > > > > [root at ops:~] #service iptables status > > Firewall is stopped. > > > > But still, there's this... > > > > [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H > ops.jokefire.com > > CHECK_NRPE: Error - Could not complete SSL handshake. > > > > Sadly.... :( > > > > Thanks for your input tho! > > Does 'ldd /usr/local/nagios/bin/nrpe' show any missing libs? > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >-- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
Seemingly Similar Threads
- Could not complete SSL handshake to Amazon EC2 host
- Could not complete SSL handshake to Amazon EC2 host
- Could not complete SSL handshake to Amazon EC2 host
- Could not complete SSL handshake to Amazon EC2 host
- Could not complete SSL handshake to Amazon EC2 host