We need more information to help. Can you check the same thing using curl or an NRPE plugin like check_http? There could be many things going on there like SNI, TLS verification, no CA file, Apache virtual hosts, IP bindings, etc. If you have a browser on
that server, try hitting the same URL. If you don't then try elinks or a text-based browser and see what it says when hitting that URL. Certs aren't going to match
https://localhost so VERIFY DISABLE must be set.
From: monit-general <monit-general-bounces+djones=[hidden email]> on behalf of Guillaume François <[hidden email]> Sent: Wednesday, July 3, 2019 8:16 AM To: This is the general mailing list for monit Subject: Issue with TCP test for HTTPS
I'm using the last version of Monit 5.25.3 on a CentOS fully upgraded but since some updates I'm having an issue with this test on Apache HTTPD
if failed port 443 protocol https with timeout 15 seconds for 3 times within 5 cycles then alert
[CEST Jul 3 15:05:00] warning : 'apache-ns353666-prod' failed protocol test [HTTP] at [localhost]:443 [TCP/IP TLS] -- SSL server certificate verification error: unable to get local issuer certificate