我最近安装了monit(在debian上),一切正常。 现在我想启用ssl支持。 我做了我在文档中find的内容:
set httpd port 2812 ssl enable pemfile /etc/ssl/certs/ssl-cert-snakeoil.pem 现在,我不但不能通过https://myserver.com:2812通过web访问服务器,而且monit守护进程和monit命令之间的通信也失败:
$# monit status monit: Openssl read timeout error! monit: error connecting to the monit daemon
似乎你没有生成一个SSL证书。 这里有一些指针(我已经在我的Ubuntu上完成了)。
确保Openssl在您的系统上可用,如果不是apt-get install openssl
/var/certs cd /var/certs monit.cnf的文件,复制/粘贴下面的文件,然后保存并closures文件: #create RSA certs - Server RANDFILE = ./openssl.rnd [ req ] default_bits = 1024 encrypt_key = yes distinguished_name = req_dn x509_extensions = cert_type [ req_dn ] countryName = Country Name (2 letter code) countryName_default = MO stateOrProvinceName = Ile de France stateOrProvinceName_default = Monitoria localityName = Paris localityName_default = Monittown organizationName = the_company organizationName_default = Monit Inc. organizationalUnitName = Organizational Unit Name organizationalUnitName_default = Dept. of Monitoring Technologies commonName = Common Name (FQDN of your server) commonName_default = server.monit.mo emailAddress = Email Address emailAddress_default = [email protected] [ cert_type ] nsCertType = server
enter键): openssl req -new -x509 -days 365 -nodes -config ./monit.cnf -out /var/certs/monit.pem -keyout /var/certs/monit.pem
chmod 700 /var/certs/monit.pem (在我的情况下user:group pem文件的user:group是root:root ) 在你的monitrcconfiguration文件中设置以下内容:
set httpd port 2812 ssl enable pemfile /var/certs/monit.pem allow user:pass
重新启动monit
应该pipe用 ! 现在,您可以将自己的真实信息放在monit.cnf文件中,然后再次运行openssl命令。