Error: “ldap_bind: Can’t contact LDAP server (-1)” on Nagios check
Nagios check_ldaps plugin working with SSL or TLS
Error:
[root@nagios libexec]# ./check_ldaps -H 10.0.0.51 -w 10 -c 15 -b dc=tolven,dc=com -p 636 -v
ldap_bind: Can't contact LDAP server (-1)
additional info: TLS error -8172:Peer's certificate issuer has been marked as not trusted by the user.
Could not bind to the LDAP server
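To fix this issue, simply understand that the client has no trusted certificate for the server's issuer, because the client environment is not fully configured. So I configured the settings below. It works like a charm both ways, by ignoring the SSL check or by adding the certificate on the client.
Create the configuration file /etc/openldap/ldap.conf if it does not exist.
Add the settings below. TLS_REQCERT never ignores the SSL certificate check, so the server certificate is not verified at all; TLS_CACERT adds the CA certificate the client should trust.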
TLS_REQCERT never
TLS_CACERT /etc/openldap/certs/ldap-client-ca.crt
Output:
[root@nagios libexec]# ./check_ldaps -H 10.0.0.51 -w 10 -c 15 -b dc=tolven,dc=com -p 636 -v
LDAP OK - 0.062 seconds response time|time=0.061526s;10.000000;15.000000;0.000000
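Added example (not part of the original post): a small shell check to run against the client's ldap.conf to see which of the two settings above is actually in effect. It looks only at TLS_REQCERT and TLS_CACERT (not TLS_CACERTDIR); the function names and verdict words are made up for this example, and it assumes later lines in the file override earlier ones.

```shell
#!/bin/sh
# Audit an OpenLDAP client ldap.conf for the two settings discussed above.
# Usage (after sourcing): audit_ldap_conf /etc/openldap/ldap.conf

# Print the last value set for keyword $2 in file $1.
# ldap.conf keywords are case-insensitive; paths with spaces are not handled.
ldap_conf_get() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }                       # skip comment lines
        toupper($1) == toupper(key) { val = $2 }  # assumption: last line wins
        END { print val }
    ' "$1"
}

# Prints one verdict word (hypothetical names) and returns 0 only for OK:
#   NO_CONF       file missing or unreadable
#   NOT_VERIFIED  server certificate is not checked (never / allow)
#   NO_CA         verification is on, but no readable TLS_CACERT file
#   OK            verification is on and the CA file is readable
audit_ldap_conf() {
    conf=$1
    [ -r "$conf" ] || { echo "NO_CONF"; return 2; }
    reqcert=$(ldap_conf_get "$conf" TLS_REQCERT | tr '[:upper:]' '[:lower:]')
    cacert=$(ldap_conf_get "$conf" TLS_CACERT)
    case "${reqcert:-demand}" in          # "demand" is the default level
        never|allow) echo "NOT_VERIFIED"; return 1 ;;
    esac
    if [ -z "$cacert" ] || [ ! -r "$cacert" ]; then
        echo "NO_CA"; return 1
    fi
    echo "OK"; return 0
}

# Constructed sample: the two lines from the post placed in one file.
# With "never" present, the TLS_CACERT line has no effect on trust.
demo_page_config() {
    tmp=$(mktemp)
    printf 'TLS_REQCERT never\nTLS_CACERT /etc/openldap/certs/ldap-client-ca.crt\n' > "$tmp"
    audit_ldap_conf "$tmp"; rc=$?
    rm -f "$tmp"
    return $rc
}
```

A NOT_VERIFIED result means check_ldaps will report LDAP OK for any server answering on port 636, whatever certificate it presents.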