[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [monit-dev] [PATCH] V2 bugfix when having clientpemfile with httpd a
|
From: |
Jan-Henrik Haukeland |
|
Subject: |
Re: [monit-dev] [PATCH] V2 bugfix when having clientpemfile with httpd and monit status not working |
|
Date: |
Mon, 2 Jan 2012 17:30:33 +0100 |
Hi Markus
Thank you very much. These functions definitely needs to be patched so they
will work as expected. Some refactoring must have removed this as I'm pretty
sure this was supported before. Thanks again!
Best regards
On Jan 2, 2012, at 9:48 AM, Markus Linnala wrote:
> With this config:
>
> set httpd port 2812
> allow localhost
> SSL ENABLE
> PEMFILE /etc/certs/monit.pem
> CLIENTPEMFILE /etc/certs/monit-client.pem
>
> I got:
>
> # monit status
> monit: cannot read status from the monit daemon
>
> And at monit.log:
>
> [EET Dec 28 15:01:56] error : monit: The client did not supply a required
> client certificate!
> [EET Dec 28 15:01:56] error : monit: cannot read status from the monit
> daemon
>
> I expect to get working status.
>
> I have attached patch to fix this situation. Use clientpemfile for status
> connection too it is set.
>
> Patch adds clientpemfile to Ssl_T and then fill it when initializing status
> socket. Same idea as at sendmail open_server. And then it tries to free
> memory whenever we free certmd5.
>
> Patch is lightly tested.
>
> V1 -> V2
> - handle monitor command too
>
> --
> Markus Linnala, Chief Systems Architect
> Cybercom Finland
> Pakkahuoneenaukio 2 A; 33100 Tampere
> Mobile +358 40 5919 735
> address@hidden
>
> www.cybercom.fi | www.cybercom.com
>
> <monit-5.3.2-maage-clientcertssl-V2.patch>_______________________________________________
> monit-dev mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/monit-dev