[Pkg-nagios-devel] Bug#730471: check_ldaps actually tries STARTTLS
Daniel Pocock
daniel at pocock.com.au
Mon Nov 25 11:24:29 UTC 2013
Package: nagios-plugins-standard
Version: 1.4.16-1
Consider the following:
# /usr/lib/nagios/plugins/check_ldaps -H ldap -b dc=example,dc=org
Could not init startTLS at port 389!
It is actually trying to do STARTTLS on port 389 - that is not the same
as ldaps
The name "check_ldaps" implies ldaps://
ldaps is not STARTTLS,
- ldaps is an SSL encrypted session from the beginning (STARTTLS implies
enabled encryption after some initial LDAP handshaking)
- it should default to port 636
Manually forcing it like this makes it work (also see bug 730470 which
requires a workaround to really make this work):
/usr/lib/nagios/plugins/check_ldaps -H ldap -b dc=example,dc=org -p 636 -3
More information about the Pkg-nagios-devel
mailing list