aboutsummaryrefslogtreecommitdiff
path: root/plugins/check_http.c
diff options
context:
space:
mode:
authorGravatar Holger Weiss <holger@zedat.fu-berlin.de> 2012-05-07 12:11:48 +0200
committerGravatar Holger Weiss <holger@zedat.fu-berlin.de> 2012-05-07 12:11:48 +0200
commit5a5d3d7013dbc098a5fed9831fa443af93bdd983 (patch)
tree5e989f7a3e3f77e454290613a52026de00175c35 /plugins/check_http.c
parentefa2a32a167a0395f5430b56da437cc96cc276e8 (diff)
downloadmonitoring-plugins-5a5d3d7013dbc098a5fed9831fa443af93bdd983.tar.gz
Disable stateless SSL session resumption
Some versions of OpenSSL fail to negotiate the SSL connection with at least some versions of Tomcat if stateless SSL session resumption support (see RFC4507) is enabled: | CRITICAL - Cannot make SSL connection | 140099330348712:error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message:s3_pkt.c:1195:SSL alert number 10 The problem is reproducible with OpenSSL 1.0.0h, but not with OpenSSL 0.9.8o-4squeeze12 (as shipped with Debian 6.0.4). We work around it by disabling the RFC4507 functionality when using OpenSSL versions which support it. Thanks to Dag Bakke for reporting the issue and for giving me access to a server I could use to reproduce the problem.
Diffstat (limited to 'plugins/check_http.c')
0 files changed, 0 insertions, 0 deletions