|
From: | Martin Pala |
Subject: | Re: Unable to do connection Testing via https |
Date: | Wed, 15 Oct 2014 16:51:42 +0200 |
On 10 Oct 2014, at 14:52, Marcus Mülbüsch <address@hidden> wrote: However, the syntax from the monit manual:if failed host 1.2.3.4 port 443 type tcpssl protocol http http The configuration looks ok. I tried to replicate the problem but i'm unable to trigger it (used also wireshark to check the HTTP headers in the request - everything looked fine). Please can you create small configuration file with both test versions and take a network trace (using wireshark) with SSL decryption enabled? (you can find tutorial for wireshark SSL decryption for example here: http://blogs.technet.com/b/nettracer/archive/2013/10/12/decrypting-ssl-tls-sessions-with-wireshark-reloaded.aspx). You'll need to import the private from the HTTP server to decrypt the captured data. The configuration may look like this (save it for example as ~/.monitrc_test and set its permissions to 0600: chmod 600 ~/.monitrc_test): --8<-- set daemon 60 set httpd port 2813 allow localhost set idfile /tmp/monit_test.id set pidfile /tmp/monit_test.pid set statefile /tmp/monit_test.state check host myhost with address 1.2.3.4 if failed host 1.2.3.4 port 443 protocol https http headers [Authorization: Basic QWxhZGRpbjpvcGVu] and request /LOG0/FAULT/mod_cmd.xml?cmd=something with content == 'alarms' then alert if failed (url https://Aladdin:address@hidden/LOG0/FAULT/mod_cmd.xml?cmd=something with content == 'alarms') then alert --8<-- Then: 1.) start wireshark, import 1.2.3.4:443's SSL key to it and set the capture filter for 1.2.3.4:443 traffic 2.) start monit with: monit -vIc ~/.monitrc_test 3.) stop monit (^C) and wireshark when both tests completed and export the request packet from each test as plaintext Best regards, Martin |
[Prev in Thread] | Current Thread | [Next in Thread] |