nagios4dd
nagios4dd copied to clipboard
fm4dd
Cannot download PNP4Nagios image file. Server response: 500 Can't connect to hostname
Hello! When i try send "graph" from pnp4nagios (https://hostname/pnp4nagios) script get error: Cannot download PNP4Nagios image file. Server response: 500 Can't connect to hostname:443
All variables set in my $pnp4nagios_auth = "true"; # $pnp4nagios_auth = "true"; my $server_port = "hostname:443"; # $server_port = "nagios.frank4dd.com:80"; my $auth_name = "Nagios Access"; # $auth_name = "pnp4nagios"; my $web_user = "pnp4nget"; # $web_user = "pnp4nget"; my $web_pass = "P@ssw0rd"; # $web_pass = "mypass";
And little change URL:
#$img_get = "$pnp4nagios_url/image?host=" . urlencode($o_hostname) . "&srv=" . urlencode($o_servicedesc) . "&source=0&start=$tstart&end=$tstamp"; $img_get = "$pnp4nagios_url/graph?host=" . urlencode($o_hostname) . "&srv=" . urlencode($o_servicedesc) . "&source=0&start=$tstart&end=$tstamp";
In debug eMail, when i get it, link to graph right. In browser i get it.
img_get | https://hostname/pnp4nagios/graph?host=hostname&srv=Total_Processes&source=0&start=1508344713&end=1508434713
Why you used "=>" ? vs ", "
# Check if web authentication is required if (defined($pnp4nagios_auth)) { $ua->credentials("$server_port", "$auth_name", "$web_user" => "$web_pass"); }
http://search.cpan.org/~benning/LWP-Protocol-connect-6.09/lib/LWP/Protocol/connect.pm
$ua->credentials("localhost:3128", "Squid proxy-caching web server", "user", "pw");
3.10.0-693.2.1.el7.x86_64 #1 SMP Fri Aug 11 04:58:43 EDT 2017 x86_64
OEL 7.4
rpm -qa | egrep 'LWP|IO'
perl-LWP-Protocol-https-6.04-4.el7.noarch
perl-IO-Socket-SSL-1.94-6.el7.noarch
perl-IO-Socket-INET6-2.69-5.el7.noarch
perl-LWP-MediaTypes-6.02-2.el7.noarch
perl-IO-HTML-1.00-2.el7.noarch
perl-IO-Socket-IP-0.21-4.el7.noarch
perl-IO-Compress-2.061-2.el7.noarch
Hi pilot513,
Why you used "=>" ? vs ", "
# Check if web authentication is required if (defined($pnp4nagios_auth)) { $ua->credentials("$server_port", "$auth_name", "$web_user" => "$web_pass"); }
Yes! This looks indeed like a bug that slipped through testing. Can you change it to "," test and report back? I have no immediate validation chance, and would appreciate!
The HTTP Error 500 also suggests this a protocol problem caused by the wrong function call. For authentication or access issues there would be a 401 or 403 returned.
Cheers Frank
Hi Frank
I replace "=>" to ", " in sub import_pnp_graph {} like this:
# Check if web authentication is required if (defined($pnp4nagios_auth)) { $ua->credentials("$server_port", "$auth_name", "$web_user", "$web_pass"); }
but error again:
/usr/local/src/scripts/nagios/pnp4n_send_service_mail.pl -v -t -p "MMS Branch" -r [email protected] -f multi -f graph -u -l en
main: trying to create the PNP4Nagios graph image. import_pnp_graph: Cannot download PNP4Nagios image file. Server response: 500 Can't connect to hostname:443 import_pnp_graph: Returning empty image file, format: gif
may be Auth function based on LWP::UserAgent not funct. correctly ? Because in browsers (like chromium, mozilla ) generated link opened correctly with login "pnp4nget"/ "P@ssw0rd"
The apache version: httpd-2.4.6-67.el7_4.2.x86_64 httpd-tools-2.4.6-67.el7_4.2.x86_64
Httpd configured on SSL-connection only
Hi pilot513,
Thank you for checking so far. For the web server error 500: Do you have access to the web server error log? Maybe there is additional info in the log message.
A general LWP::UserAgent problem is unlikely, it would cause widespread trouble beyond this script, and be visible through Google search.
Here is another thought: I just noticed your port is 443, indicating its a http/s connection. Could that be an issue? SSL/TLS should work, but I could not see your setting for $pnp4nagios_url. It should be something like:
my $pnp4nagios_url = "https://nagios.fm4dd.com/pnp4nagios";
If it were set to http, it may give the 500 error...
Frank
Yes, Frank
URL set correctly:
my $pnp4nagios_url = "https://hostname/pnp4nagios"; my $graph_history = 25; # in hours, a good range is between 12...48
In http (ssl_error.log) nothing .... I indeed because script don't connect to http daemon.
When i try get link (to generated graph) in log (ssl_access.log)
/var/log/httpd/ssl_access_log:10.189.16.200 - pnp4nget [19/Oct/2017:19:55:18 +0300] "GET /pnp4nagios/image?host=hostname&srv=Total_Processes&source=0&start=1508341239&end=1508431239&view=0 HTTP/1.1" 200 18469 /var/log/httpd/ssl_access_log:10.189.16.200 - pnp4nget [19/Oct/2017:19:55:18 +0300] "POST /pnp4nagios//ajax/filter/set-sfilter HTTP/1.1" 200 -
Hi pilot513,
I ran across a similar issue this week that could be exactly your issue. The problem comes from using https with Perl LWP, which throws an HTTP error 500 when a certificate fails to verify. Since the script did not provision a way to verify certs, it would fail.
Quick fix-1, change:
682 # Download the image
683 my $ua = LWP::UserAgent->new( );
to:
682 # Download the image
683 my $ua = LWP::UserAgent->new(ssl_opts =>{verify_hostname => 0, SSL_verify_mode => 0x00});
This will disable checking the cert, and suppress the HTTP 500 error "certificate verification failed".
Of course in security-sensitive environments, its better to handle https correctly by verifying the certificate and let connections fail when insecure algoritms such as MD5 or SHA1 are encountered. In that case, googling for "Perl LWP https" helps to find information on how to configure it. Since there is quite a number of things that can fail with SSL/TLS, debugging the connection result after "$ua->get()" may become necessary: e.g. by temporarily using;
print "Debug Response: " . $res->status_line;
I hope this helps fixing your error. If you are able to confirm, I can update the script for adding this setting.
Best wishes, Frank