NRPE server w/ signed certs working but only in test mode


#1

I have NSCP 0.5.2.39 (latest stable) version working with signed SSL certs (and even peer-cert verify mode), but it only works from the command “./nscp test”.

When I run it as a service, “check_nrpe” times out (as the NRPEServer of nscp.exe is not even listening on port 5666).

The nsclient.log reads:

error:B:\master\x64\dist\modules\NRPEServer\module.cpp:37: Exception in Failed to load NRPEServer: : Failed to open file: security/ca.pem

and

error:c:\source\master\service\plugin_manager.cpp:230: Plugin refused to load: NRPEServer


#2

I figured this one out. If the “c:\program files\nsclient++\security\nrpe_dh_512.pem” exists, for some reason the NRPE server does not load (with signed cert configured).

By removing the “nrpe_dh_512.pem” file, the NSClient++ with signed certificate works.