Skip to main content

Hello,
I have an issue checking certificate on some hosts.
The output is the following :

UNKNOWN: Error creating SSL socket: , SSL error: SSL connect attempt failed error:0A000086:SSL routines::certificate verify failed

I run the following command :

/bin/sh -c '/usr/lib/centreon/plugins/centreon_protocol_x509.pl --plugin=apps::protocols::x509::plugin --mode=certificate --custommode='\''tcp'\'' --hostname='\''HOST.domain.local\'' --port=443 --warning-status='\''%{expiration} < 60'\'' --critical-status='\''%{expiration} < 30'\'' --ssl-ignore-errors'

What strange is that the same command work on another host 

 

Hello,
I have an issue checking certificate on some hosts.
The output is the following :

UNKNOWN: Error creating SSL socket: , SSL error: SSL connect attempt failed error:0A000086:SSL routines::certificate verify failed

I run the following command :

/bin/sh -c '/usr/lib/centreon/plugins/centreon_protocol_x509.pl --plugin=apps::protocols::x509::plugin --mode=certificate --custommode='\''tcp'\'' --hostname='\''HOST.domain.local\'' --port=443 --warning-status='\''%{expiration} < 60'\'' --critical-status='\''%{expiration} < 30'\'' --ssl-ignore-errors'

What strange is that the same command work on another host 

 

Based on your command, it seems that the domain associated to your certificate is expected to be HOST.domain.local, is it simply an anonymised value ?

Else the error on centreon says that the hostname couldn’t be verified, so maybe an issue on the hostname configuration of that specific host (on the OS side) ?

Hello,

Yes it is anonymised value.

 

I manage to find out why, even if the Root CA was on the system, we need to push also the Subordinate CA to have the full chain. It look like strange but this solve my issue.

 

Regards.

 

Terms & ConditionsCookie settingsAccessibility statement