[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Unable to do connection Testing via https

From: Martin Pala
Subject: Re: Unable to do connection Testing via https
Date: Wed, 15 Oct 2014 16:51:42 +0200

On 10 Oct 2014, at 14:52, Marcus Mülbüsch <address@hidden> wrote:

  However, the syntax from the monit manual:

if failed host port 443 type tcpssl protocol http http
headers [Authorization: Basic QWxhZGRpbjpvcGVu] and request
/LOG0/FAULT/mod_cmd.xml?cmd=something with content == 'alarms' then

  results in:

'' failed protocol test [HTTP] at
INET[] via TCPSSL --
HTTP error: Server returned status 401


  I can do my connection testing with the "old" syntax, which solves my immediate problem.

  But: how long will that syntax be supported by monit?

  And since I get these 401-errors (no 407 errors, there is no proxy inbetween), either my base64 encoding is wrong, or I did some other simple error in my configuration, or both of the syntaxes do not do the same...

  Any help on that point is still appreciated.

The configuration looks ok. I tried to replicate the problem but i'm unable to trigger it (used also wireshark to check the HTTP headers in the request - everything looked fine).

Please can you create small configuration file with both test versions and take a network trace (using wireshark) with SSL decryption enabled? (you can find tutorial for wireshark SSL decryption for example here: You'll need to import the private from the HTTP server to decrypt the captured data.

The configuration may look like this (save it for example as ~/.monitrc_test and set its permissions to 0600: chmod 600 ~/.monitrc_test):

set daemon 60
set httpd
port 2813
allow localhost
set idfile /tmp/
set pidfile /tmp/
set statefile /tmp/monit_test.state

check host myhost with address
if failed host port 443 protocol https http headers [Authorization: Basic QWxhZGRpbjpvcGVu] and request /LOG0/FAULT/mod_cmd.xml?cmd=something with content == 'alarms' then alert
if failed (url https://Aladdin:address@hidden/LOG0/FAULT/mod_cmd.xml?cmd=something with content == 'alarms') then alert


1.) start wireshark, import's SSL key to it and set the capture filter for traffic
2.) start monit with:
monit -vIc ~/.monitrc_test
3.) stop monit (^C) and wireshark when both tests completed and export the request packet from each test as plaintext

Best regards,

reply via email to

[Prev in Thread] Current Thread [Next in Thread]