|
From: | Bryan Harris |
Subject: | Re: Client certificates |
Date: | Thu, 27 Apr 2017 18:55:22 -0400 |
Well, I gave it a try (building 5.22.0 from source) and still a similar issue but a different error message (more descriptive now). I attempted with a couple of different browsers.Any ideas what I got wrong?address@hidden rpmbuild]# monit -IvAdding credentials for user 'admin'Runtime constants:Control file = /etc/monitrcLog file = /var/log/monit.logPid file = /run/monit.pidId file = /root/.monit.idState file = /root/.monit.stateDebug = TrueLog = TrueUse syslog = FalseIs Daemon = TrueUse process engine = TrueLimits = {= programOutput: 512 B= sendExpectBuffer: 256 B= fileContentBuffer: 512 B= httpContentBuffer: 1024 kB= networkTimeout: 5 s= programTimeout: 5 m= stopTimeout: 30 s= startTimeout: 30 s= restartTimeout: 30 s= }On reboot = startPoll time = 30 seconds with start delay 0 secondsStart monit httpd = Truehttpd bind address = 192.168.80.130httpd portnumber = 443httpd encryption = selfsigned: allow, pemfile: /etc/pki/tls/certs/server.cer, clientpemfile: /etc/pki/tls/certs/test.cerhttpd signature = Enabledhttpd auth. style = Basic AuthenticationThe service list contains the following entries:System Name = right.laptopMonitoring mode = activeOn reboot = startSwap usage limit = if greater than 25.0% then alertMemory usage limit = if greater than 75.0% then alertCPU usage limit = if greater than 95.0% for 10 cycles then alertLoad avg. (5min) = if greater than 2.0 then alertLoad avg. (1min) = if greater than 4.0 then alert------------------------------------------------------------ ------------------- pidfile '/run/monit.pid' does not existStarting Monit 5.22.0 daemon with http interface at [192.168.80.130]:443Starting Monit HTTP server at [192.168.80.130]:443Monit HTTP server started'right.laptop' Monit 5.22.0 started'right.laptop' swap usage check succeeded [current swap usage = 0.0%]'right.laptop' mem usage check succeeded [current mem usage = 17.1%]'right.laptop' cpu usage check succeeded [current cpu usage = 0.0%]'right.laptop' loadavg(5min) check succeeded [current loadavg(5min) = 0.4]'right.laptop' loadavg(1min) check succeeded [current loadavg(1min) = 0.3]'right.laptop' swap usage check succeeded [current swap usage = 0.0%]'right.laptop' mem usage check succeeded [current mem usage = 17.1%]'right.laptop' cpu usage check succeeded [current cpu usage = 1.1%]'right.laptop' loadavg(5min) check succeeded [current loadavg(5min) = 0.3]'right.laptop' loadavg(1min) check succeeded [current loadavg(1min) = 0.2]SSL: read error -- error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failureSSL: write error -- error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failureHttpRequest: error -- client [192.168.80.1]: HTTP/1.0 400 No request foundSSL: read error -- error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failureSSL: write error -- error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failureHttpRequest: error -- client [192.168.80.1]: HTTP/1.0 400 No request foundSSL accept error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate 'right.laptop' swap usage check succeeded [current swap usage = 0.0%]'right.laptop' mem usage check succeeded [current mem usage = 17.1%]'right.laptop' cpu usage check succeeded [current cpu usage = 1.1%]'right.laptop' loadavg(5min) check succeeded [current loadavg(5min) = 0.3]'right.laptop' loadavg(1min) check succeeded [current loadavg(1min) = 0.1]SSL accept error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate 'right.laptop' swap usage check succeeded [current swap usage = 0.0%]'right.laptop' mem usage check succeeded [current mem usage = 22.1%]'right.laptop' cpu usage check succeeded [current cpu usage = 25.6%]'right.laptop' loadavg(5min) check succeeded [current loadavg(5min) = 0.3]'right.laptop' loadavg(1min) check succeeded [current loadavg(1min) = 0.5]SSL: read error -- error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failureSSL: write error -- error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failureHttpRequest: error -- client [192.168.80.1]: HTTP/1.0 400 No request foundSSL: read error -- error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failureSSL: write error -- error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failureHttpRequest: error -- client [192.168.80.1]: HTTP/1.0 400 No request foundSSL: read error -- error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failureSSL: write error -- error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failureHttpRequest: error -- client [192.168.80.1]: HTTP/1.0 400 No request foundSSL: read error -- error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failureSSL: write error -- error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failureHttpRequest: error -- client [192.168.80.1]: HTTP/1.0 400 No request foundSSL: read error -- error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failureSSL: write error -- error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failureHttpRequest: error -- client [192.168.80.1]: HTTP/1.0 400 No request found'right.laptop' swap usage check succeeded [current swap usage = 0.0%]'right.laptop' mem usage check succeeded [current mem usage = 21.7%]'right.laptop' cpu usage check succeeded [current cpu usage = 15.8%]'right.laptop' loadavg(5min) check succeeded [current loadavg(5min) = 0.5]'right.laptop' loadavg(1min) check succeeded [current loadavg(1min) = 0.8]SSL: read error -- error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failureSSL: write error -- error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failureHttpRequest: error -- client [192.168.80.1]: HTTP/1.0 400 No request foundSSL accept error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate 'right.laptop' swap usage check succeeded [current swap usage = 0.0%]'right.laptop' mem usage check succeeded [current mem usage = 21.7%]'right.laptop' cpu usage check succeeded [current cpu usage = 3.1%]'right.laptop' loadavg(5min) check succeeded [current loadavg(5min) = 0.4]'right.laptop' loadavg(1min) check succeeded [current loadavg(1min) = 0.5]'right.laptop' swap usage check succeeded [current swap usage = 0.0%]'right.laptop' mem usage check succeeded [current mem usage = 21.6%]'right.laptop' cpu usage check succeeded [current cpu usage = 5.1%]'right.laptop' loadavg(5min) check succeeded [current loadavg(5min) = 0.4]'right.laptop' loadavg(1min) check succeeded [current loadavg(1min) = 0.3]'right.laptop' swap usage check succeeded [current swap usage = 0.0%]'right.laptop' mem usage check succeeded [current mem usage = 17.7%]'right.laptop' cpu usage check succeeded [current cpu usage = 7.7%]'right.laptop' loadavg(5min) check succeeded [current loadavg(5min) = 0.4]'right.laptop' loadavg(1min) check succeeded [current loadavg(1min) = 0.3]'right.laptop' swap usage check succeeded [current swap usage = 0.0%]'right.laptop' mem usage check succeeded [current mem usage = 17.7%]'right.laptop' cpu usage check succeeded [current cpu usage = 7.2%]'right.laptop' loadavg(5min) check succeeded [current loadavg(5min) = 0.3]'right.laptop' loadavg(1min) check succeeded [current loadavg(1min) = 0.2]^CShutting down Monit HTTP serverMonit HTTP server stoppedMonit daemon with pid [4010] stopped'right.laptop' Monit 5.22.0 stoppedOn Thu, Apr 27, 2017 at 2:52 PM, Bryan Harris <address@hidden> wrote:Well I'm not sure if I did it right. Here is what I did.yumdownloader --source monitcd /root/rpmbuildyum groupinstall "Development Tools"yum install openssl-devel pam-develNow I edit the 5.14 version in monit.spec instead to say 5.22.0. And I have to download the new source file because yumdownloader got the old one.Then after that I could do a rpmbuild -ba monit.spec and the build succeeds to make a package. I will have to test out the build since right now I am just about to get off work and drive home. Hopefully it will work fine.I don't know if it's right or not. I guess I shall see.V/r,BryanOn Thu, Apr 27, 2017 at 2:38 PM, SZÉPE Viktor <address@hidden> wrote:Hello Brian!
Try rebuilding monit:
http://pkgs.fedoraproject.org/cgit/rpms/monit.git/
Contact me if you need help.
All the best!
(contacts below)
Idézem/Quoting Bryan Harris <address@hidden>:SZÉPE Viktor
I see. Thanks for the help, I will give that a try first. I do wish the
EPEL folks kept newer versions but they are sometimes behind on things.
https://github.com/szepeviktor/debian-server-tools/blob/mast er/CV.md
--
+36-20-4242498 address@hidden skype: szepe.viktor
Budapest, III. kerület
testCertCapture.PNG
Description: PNG image
[Prev in Thread] | Current Thread | [Next in Thread] |