TECHZEN Zenoss User Community ARCHIVE  
FORUMS / Configuration & Administration / DISCUSSION

HTTP monitoring

Subject: HTTP monitoring
Author: Nicholas Arellano
Posted: 2020-03-09 10:44

​We are trying to use Zenoss to monitor one of our URL through the http monitor and receive 'Connection was refused by other side: 111: Connection refused.' We have a legacy monitoring system where we have tested this same URL and unable to monitor unless we choose the option to 'Accept untrusted certificates for HTTPS' and then we are able to monitor. Is there a way for Zenoss to accept the untrusted certificates for HTTPS as well or what is the method to bypass the untrusted certificates.

------------------------------
Nicholas Arellano
Administrator
CPS Energy
San Antonio TX
------------------------------

Subject: RE: HTTP monitoring
Author: Larry Ouellette
Posted: 2020-03-10 09:07

We have a similar problem with websites with self-signed certificates.  The web page checks worked fine with our on-premises Zenoss 425, but do not work after our migration to Zenoss Cloud (with on-premises collectors in the same subnet as our 425 environment).  I reported the issues to Zenoss Support, and after some investigation they found that the WebTX code does not allow untrusted, non CA-signed certs to go through.
Their suggestion was to have CA-signed certs, or wait for a potential, someday, maybe exception to be allowed in the WebTX code.

------------------------------
Larry Ouellette
Automation Administrator
Boston University - IS&T
Boston Massachusetts
617-353-9190
------------------------------
Subject: RE: HTTP monitoring
Author: Ryan Matte
Posted: 2020-03-10 15:56

What version of the HTTPMonitor pack are you using?  The latest version (3.1.0) should work regardless of whether a certificate is self-signed / untrusted or not.  The code 111 that you are getting is just the "Connection Refused" code.  That's a socket level error and that would happen before you even got to the certificate negotiation part of the connection.  I really think something else is going on there.  Are you able to telnet to the host / port that you're trying to connect to from the collector host or from inside the zencommand container?  Are you sure you've configured the HTTPMonitor datasource properly?

------------------------------
Ryan Matte
------------------------------


< Previous
Zope RoleManager Auth Redirect 		  Next
How to delete old metrics 		>