anyone ?
On 8/25/06, Jerry Yu <jjj863 at gmail.com> wrote:
I need to monitor OpenVPN service on a remote server (OpenVPN is already monitored as a PROC locally on that server)
OpenVPN is SSL-based, so, I made up a service entry as below. The test is failing, got 'unexpected service response'm w/o any data. Because a shared HMAC secret is used for this OpenVPN server, a connection attempt w/o the HMAC secret will not be able to get the certificate (maybe this is why it fails?).
[openvpn] expect "CONNECTED(00000003)" option ssl port 12345
Here is a few manual sessions using openssl. I'd be happy to label the service as 'up' if I get the CONNECTED(00000003) string. any ideas?
/etc/hobbit# openssl s_client -ssl3 -connect vip1.vip.com:12345 CONNECTED(00000003) 30739:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:286: /etc/hobbit# openssl s_client -ssl2 -connect vip1.vip.com:12345 CONNECTED(00000003) 30742:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake failure:s2_pkt.c:429: