Nagios Support Forum

Here's what I'm getting in the log:

[Sun May 20 04:02:12 2012] [notice] Digest: generating secret for digest authentication ...
[Sun May 20 04:02:12 2012] [notice] Digest: done
PHP Warning: Module 'SourceGuardian' already loaded in Unknown on line 0
[Sun May 20 04:02:12 2012] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Sun May 20 04:02:12 2012] [notice] Apache/2.2.22 (Unix) DAV/2 PHP/5.2.17 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8 configured -- resuming normal operations
[Mon May 21 15:29:41 2012] [notice] caught SIGTERM, shutting down
[Mon May 21 15:29:41 2012] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Mon May 21 15:35:05 2012] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Mon May 21 15:35:05 2012] [notice] Digest: generating secret for digest authentication ...
[Mon May 21 15:35:05 2012] [notice] Digest: done
PHP Warning: Module 'SourceGuardian' already loaded in Unknown on line 0
[Mon May 21 15:35:05 2012] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Mon May 21 15:35:05 2012] [notice] Apache/2.2.22 (Unix) DAV/2 PHP/5.2.17 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8 configured -- resuming normal operations
[Mon May 21 15:49:05 2012] [notice] caught SIGTERM, shutting down
[Mon May 21 15:49:05 2012] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)

here's another one from the ssl error log:

Mon May 21 15:29:41 2012] [error] Unable to configure RSA server private key
[Mon May 21 15:29:41 2012] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
[Mon May 21 15:35:05 2012] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon May 21 15:35:05 2012] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Mon May 21 15:35:05 2012] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon May 21 15:35:05 2012] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Mon May 21 15:49:05 2012] [warn] RSA server certificate CommonName (CN) `cordmon1' does NOT match server name!?
[Mon May 21 15:49:05 2012] [error] Unable to configure RSA server private key
[Mon May 21 15:49:05 2012] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
[Mon May 21 15:55:22 2012] [warn] RSA server certificate CommonName (CN) `cordmon1' does NOT match server name!?
[Mon May 21 15:55:22 2012] [error] Unable to configure RSA server private key
[Mon May 21 15:55:22 2012] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
[Mon May 21 15:55:31 2012] [warn] RSA server certificate CommonName (CN) `cordmon1' does NOT match server name!?
[Mon May 21 15:55:31 2012] [error] Unable to configure RSA server private key
[Mon May 21 15:55:31 2012] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
[Mon May 21 16:02:50 2012] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon May 21 16:02:50 2012] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Mon May 21 16:02:51 2012] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon May 21 16:02:51 2012] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Mon May 21 16:17:42 2012] [warn] RSA server certificate CommonName (CN) `cordmon1' does NOT match server name!?
[Mon May 21 16:17:42 2012] [error] Unable to configure RSA server private key

Do you get any errors when you run the following command?

Here's what I get:
[Mon May 21 16:45:48 2012] [warn] RSA server certificate CommonName (CN) `cordmon1' does NOT match server name!?
[Mon May 21 16:45:48 2012] [error] Unable to configure RSA server private key
[Mon May 21 16:45:48 2012] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

Have you modified your httpd.conf in the past to specify a ServerName ?

Can you post your /etc/httpd/conf.d/nagiosxi.conf

Hi,

No, I have not modified the http.conf to specify a servername.

<Directory "/usr/local/nagiosxi/html">
# SSLRequireSSL
Options None
AllowOverride None
Order allow,deny
Allow from all
# Order deny,allow
# Deny from all
# Allow from 127.0.0.1
# AuthName "Nagios xi"
# AuthType Basic
# AuthUserFile /usr/local/nagiosxi/etc/htpasswd.users
# Require valid-user
</Directory>

Alias /nagiosxi "/usr/local/nagiosxi/html"

Thanks.

I think you might of missed page2 and page 3 of the document....

http://assets.nagios.com/downloads/nagi ... ios_xi.pdf

Hi,

I did not perform the steps yet on page 2 because at the end of page 1, it tells you to restart httpd which I did and httpd fails to start. Do I continue on to page 2 even though httpd will not start?

Thanks.

So, to be clear when doing this step You did copy over the same .crt .key .csr files used to make each other? They need to match the info put into them.

Yes, I did.