On 2020-05-20 06:30, Schrittenlocher, Rolf wrote:
Dear all,
we disabled for security reasons sslv3 in apache. Since then xymon complains about not being able to negotiate sslv3 and goes read with an ssl error.
https://lists.xymon.com/archive/2014-December/040782.html shows that with bbtest-net could specificate which ssl version to use. This doesn't seem to be possible with xymon. Any hints how to test https correctly without sslv3? We are using xymon 4.3.17,
Hello, Rolf.
I recently came across the same issue when one of the sites I monitor did the same.
My Google searches lead to the possiblity of doing one of two things:
- Modify the xymonnet call in tasks.cfg to include --sni (the default is --nosni)
- Add "sni" to the site's entry in hosts.cfg (adding this to the hosts.cfg overrides the default behavior and/or the behavior as configured in tasks.cfg, for the host entry in question).
I employed #2 and it cleared up the problem for me.
Mike Burger http://www.bubbanfriends.org
"It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1