Directory

acecile

Listings(0)

Reviews(1)

Favourites(0)

check_ldap

Need to modification to enable TLSv1.2

byacecile, October 31, 2024

In case the script just fails with CRITICAL and no error msg, it is because $ldap has not be created due to SSL cipher negociation problem.

Patch below fixes the issue:

--- check_ldap.pl.orig 2024-11-01 09:43:44.616030489 +0100
+++ check_ldap.pl 2024-11-01 09:43:51.356022937 +0100
@@ -113,9 +113,9 @@
}
} else {
if (defined($o_port)) {
- $ldap = Net::LDAPS->new( $o_host, port => $o_port, version => 3, timeout => $o_timeout );
+ $ldap = Net::LDAPS->new( $o_host, port => $o_port, version => 3, timeout => $o_timeout, sslversion => 'tlsv1_2' );
} else {
- $ldap = Net::LDAPS->new( $o_host, port => $o_ldaps_port, version => 3, timeout => $o_timeout );
+ $ldap = Net::LDAPS->new( $o_host, port => $o_ldaps_port, version => 3, timeout => $o_timeout, sslversion => 'tlsv1_2' );
}
}

Nagios, the Nagios logo, and Nagios graphics are the servicemarks, trademarks, or registered trademarks owned by Nagios Enterprises. All other servicemarks and trademarks are the property of their respective owner. The files and information on this site are the property of their respective owner(s). Nagios Enterprises makes no claims or warranties as to the fitness of any file or information on this website, for any purpose whatsoever. In fact, we officially disclaim all liability. We do, however, think these community contributions are pretty damn cool. Website Copyright © 2009-2024 Nagios Enterprises, LLC. All rights reserved.