Uploaded image for project: 'OpenNMS'
  1. OpenNMS
  2. NMS-11725

HTTPS monitor with letsencrypt certificates

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved (View Workflow)
    • Minor
    • Resolution: Fixed
    • 21.0.0
    • None
    • Security Level: Default (Default Security Scheme)
    • ubuntu 14.04
      ONMS 21.0.0
      java 1.8.0_131
      openssl 1.0.1f

    Description

      I recently upgraded some servers to use letsencrypt ssl certificates. After doing so, the HTTPS monitors failed with a reason "unknown".  i upgraded java to 1.8.0_131. I imported the letsencrypt pem file into the java keystore. I also made sure that the ssl cipers and protocols were the same (I had originally disabled tls1). When testing using curl from the opennms server, the connection works fine (200 response from the server). I ran the poller test command and get the following output:

      admin@opennms()> poller:test -s HTTPS -P example1 -i 10.11.1.1
      Checking service HTTPS on IP 10.11.1.1
      Package: example1
      Monitor: org.opennms.netmgt.poller.monitors.HttpsMonitor
      Parameter ds-name : https
      Parameter port : 443
      Parameter rrd-base-name : https
      Parameter rrd-repository : /var/lib/opennms/rrd/response
      Parameter retry : 1
      Parameter timeout : 5000
      Parameter url : /
      Available ? false (status Unresponsive[3])

       

      I'm not sure what else to check to see what might be the problem. I had to pause further rollout of the certs until I can get this worked out. 

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              mario Mario S (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: