If you find this error in nagios for a particular server, this means nothing but the nrpe check from nagios server cannot able to complete the service check to client server.
You can check this through command line itself, run the following in nagios server.
# /usr/local/nagios/libexec/check_nrpe -H hostname/clientserverIP -c check_load
CHECK_NRPE: Error – Could not complete SSL handshake.
You may need to cover different scenarios for this to troubleshoot.
1) Check if the particular check is available in client server (For example, check_load, 3ware_check, mail_count etc)
2) Check if xinetd or nrpe stopped running,otherwise try to restart it.
# /etc/init.d/xinetd restart
# /etc/init.d/nrpe restart
3) Make sure you allowed the nagios IP in /etc/xinetd.d/nrpe if nrpe is running under xinetd,like as getting in netstat result.
# netstat -plan | grep :5666
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN 25022/xinetd
Check the parameter “only_from” in this file whether allowed nagios IP there.
Then restart xinetd
# /etc/init.d/xinetd restart
OR
Make sure you allowed the nagios IP in /etc/nagios/nrpe.cfg if nrpe is not running under xinetd and as nrpe user itself, like as getting in netstat result.
# netstat -plan | grep :5666
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN 248184/nrpe
Make changes to value of parameter “allowed_hosts” in /etc/nagios/nrpe.cfg to as shown below
allowed_hosts=127.0.0.1,nagioserverip
Then restart nrpe
# /etc/init.d/nrpe restart
4) Try to whitelist nagios server IP in firewall.
- Tags:
- nagios
- NRPE
- server monitoring