Announcement

Collapse
No announcement yet.

centreon-broker & TLS

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • centreon-broker & TLS

    Hello,

    We want to make exchange secure with TLS module, but there is very few information in logs, or in debug mode.

    There is no error at all, but when we force TLS on the broker conf, we have "TCP Peer disconnected" all the time.

    our certificate is valid, and signed from an intermediate CA, we put intermediate CA and root CA in the same PEM file in "trusted CA certificate"

    How can we troubleshoot this ?

    I've seen in source code some try/catch and error output, but doesn't seems to output in logs.

    We tried to connect with openssl s_client but it fails like the TLS module doesn't respond


    Code:
    openssl s_client -connect 192.168.28.89:5669 -cert /usr/local/centreon-broker/ssl/pix-poller-6-auto.crt -key /usr/local/centreon-broker/ssl/pix-poller-6.key -state
    CONNECTED(00000003)
    SSL_connect:before/connect initialization
    SSL_connect:SSLv2/v3 write client hello A
    139890591458984:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 0 bytes and written 290 bytes
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    SSL-Session:
        Protocol  : TLSv1.2
        Cipher    : 0000
        Session-ID:
        Session-ID-ctx:
        Master-Key:
        Key-Arg   : None
        PSK identity: None
        PSK identity hint: None
        SRP username: None
        Start Time: 1533827152
        Timeout   : 300 (sec)
        Verify return code: 0 (ok)
    ---
    Thank you.
Working...
X