Hi all. Running Xymon 4.3.12 (OpenSSL 0.9.7d). All of a sudden, one of our tests is failing in an odd way. I'm seeing both a red http test for the host in question, and the following yellow on my xymonnnet test:
Unknown error 0 in SSL_connect to 47873/tcp on host 10.136.100.125: error:00000000:lib(0):func(0):reason(0) Unknown error 0 in SSL_connect to 47873/tcp on host 10.136.100.125: error:00000000:lib(0):func(0):reason(0)
Here is the failing test:
Fri Sep 12 11:27:22 2014: SSL error ; SSL error ; OK
red https://my-test.umdnj.edu/cp/home/login - SSL error Seconds: 0.61
red https://my-test.umdnj.edu/cp/home/displaylogin - SSL error Seconds: 0.61
I'm not really seeing anything in the logfiles that would help me (the bb-network log has just the xymonnet above error). Can anyone suggest something further? Nothing that I'm aware of was changed on the system being tested or the system doing the testing.
-- ____ *Note: UMDNJ is now Rutgers-Biomedical and Health Sciences* || \\UTGERS |---------------------*O*--------------------- ||_// Biomedical | Ryan Novosielski - Senior Technologist || \\ and Health | novosirj at rutgers.edu - 973/972.0922 (2x0922) || \\ Sciences | OIRT/High Perf & Res Comp - MSB C630, Newark `'
On Fri, September 12, 2014 8:33 am, Novosielski, Ryan wrote:
Hi all. Running Xymon 4.3.12 (OpenSSL 0.9.7d). All of a sudden, one of our tests is failing in an odd way. I'm seeing both a red http test for the host in question, and the following yellow on my xymonnnet test:
Unknown error 0 in SSL_connect to 47873/tcp on host 10.136.100.125: error:00000000:lib(0):func(0):reason(0) Unknown error 0 in SSL_connect to 47873/tcp on host 10.136.100.125: error:00000000:lib(0):func(0):reason(0)
Here is the failing test:
Fri Sep 12 11:27:22 2014: SSL error ; SSL error ; OK
red https://my-test.umdnj.edu/cp/home/login - SSL error Seconds: 0.61
red https://my-test.umdnj.edu/cp/home/displaylogin - SSL error Seconds: 0.61
I'm not really seeing anything in the logfiles that would help me (the bb-network log has just the xymonnet above error). Can anyone suggest something further? Nothing that I'm aware of was changed on the system being tested or the system doing the testing.
That's... interesting. It seems like the xymon side of things is at least correctly flagging an underlying error.
- Can you run xymonnet with --debug turned on to see more precisely what's happening around that test?
- Any changes to the openssl libraries on the box in question? Occasionally openssl RPMs (on EL) get updated automatically which are a little more strict about what's going on.
- Try running your URL (if it's available off-net at all, which as a 10.x it probably isn't) through https://www.ssllabs.com/ssltest/ That can highlight weird SSL config issues; very helpful with the openssl TLS 1.2 issues last year.
- Can you post the output of this? openssl s_client -msg -connect my-test.umdnj.edu:443
HTH,
-jc
participants (2)
-
cleaver@terabithia.org
-
novosirj@ca.rutgers.edu