Geo*_*olz 2 ssl debian https monit
我最近安装了 monit(在 debian 上)并且一切正常。现在我想启用 ssl 支持。我做了我在文档中找到的内容:
set httpd port 2812
ssl enable
pemfile /etc/ssl/certs/ssl-cert-snakeoil.pem
现在,我不仅无法使用https://myserver.com:2812通过 Web 访问服务器,而且 monit 守护程序和 monit 命令之间的通信也失败了:
$# monit status
monit: Openssl read timeout error!
monit: error connecting to the monit daemon
似乎您没有生成 SSL 证书。这里有一些提示(我已经在我的 Ubuntu 上完成了)。
确保Openssl在您的系统上可用,如果没有apt-get install openssl
/var/certscd /var/certsmonit.cnf并将以下内容复制/粘贴到其中,然后保存并关闭文件:Run Code Online (Sandbox Code Playgroud)#create RSA certs - Server RANDFILE = ./openssl.rnd [ req ] default_bits = 2048 encrypt_key = yes distinguished_name = req_dn x509_extensions = cert_type [ req_dn ] countryName = Country Name (2 letter code) countryName_default = MO stateOrProvinceName = Ile de France stateOrProvinceName_default = Monitoria localityName = Paris localityName_default = Monittown organizationName = the_company organizationName_default = Monit Inc. organizationalUnitName = Organizational Unit Name organizationalUnitName_default = Dept. of Monitoring Technologies commonName = Common Name (FQDN of your server) commonName_default = server.monit.mo emailAddress = Email Address emailAddress_default = root@monit.mo [ cert_type ] nsCertType = server
enter每次提示您输入信息时按):openssl req -new -x509 -days 365 -nodes -config ./monit.cnf -out /var/certs/monit.pem -keyout /var/certs/monit.pem
chmod 700 /var/certs/monit.pem在我的情况下user:group,pem 文件是root:root)在您的monitrc配置文件中设置以下内容:
set httpd port 2812
ssl enable
pemfile /var/certs/monit.pem
allow user:pass
重新开始 monit
然后它起作用了!现在由您将真实信息放入monit.cnf文件中并openssl再次运行命令。
| 归档时间: |
|
| 查看次数: |
4729 次 |
| 最近记录: |