[monit-dev] SSL and certmd5

monit-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[monit-dev] SSL and certmd5

From:	Alex
Subject:	[monit-dev] SSL and certmd5
Date:	Mon, 28 Mar 2011 13:27:45 -0400

Hi. I've had trouble in the past trying to find a value for certmd5
that would be accepted by Monit. No matter what I tried, I always
received an error stating that the hash was invalid.

My process for finding the certmd5 value is as follows:
openssl s_client -connect server:port

Copy the certificate

openssl x509 -noout -fingerprint -md5

Paste the certificate
Strip out the `:' and paste in to monitrc.

Unfortunately, the hash generated by openssl is not accepted by Monit.
That is to say, it is syntactically valid, but the hash is reported as
being incorrect. I took a look at the code to try and see what was
wrong. I've rewritten a small part of ssl.c to fix the problem. A diff
against r351 is attached. This is just a hack to get it working and is
by no means intended to be included as-is in the trunk.

Feedback is always appreciated, thank you.

-- 
Alex

certmd5.diff
Description: Text Data

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[monit-dev] SSL and certmd5, Alex <=

Prev by Date: [monit-dev] [monit] r351 committed - * Fix crash when monit daemon start delay option was used and monit...
Next by Date: [monit-dev] [monit] r352 committed - 5.2.5
Previous by thread: [monit-dev] [monit] r351 committed - * Fix crash when monit daemon start delay option was used and monit...
Next by thread: [monit-dev] [monit] r352 committed - 5.2.5
Index(es):
- Date
- Thread