HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   Server Monitoring With munin And monit - Page 2 (http://www.howtoforge.com/forums/showthread.php?t=3954)

Hans 27th April 2006 14:24

Server Monitoring With munin And monit - Page 2
 
Falko,

On the Debian server i want to monitor there is ISPConfig installed.
Can i enable SSL and create a certicate via ISPConfig in stead of doing this:

Now we create the certificate like this:

Now we must create the file /var/www/www.example.com/web/monit/token and write some random string into it:

mkdir /var/www/www.example.com/web/monit
echo "hello" > /var/www/www.example.com/web/monit/token

Next we create the pem cert (/var/certs/monit.pem) we need for the SSL-encrypted monit web interface:

mkdir /var/certs
cd /var/certs

We need an OpenSSL configuration file to create our certificate. It can look like this:

vi /var/certs/monit.cnf

# create RSA certs - Server


RANDFILE = ./openssl.rnd


[ req ]

default_bits = 1024

encrypt_key = yes

distinguished_name = req_dn

x509_extensions = cert_type


[ req_dn ]

countryName = Country Name (2 letter code)

countryName_default = MO


stateOrProvinceName = State or Province Name (full name)

stateOrProvinceName_default = Monitoria


localityName = Locality Name (eg, city)

localityName_default = Monittown


organizationName = Organization Name (eg, company)

organizationName_default = Monit Inc.


organizationalUnitName = Organizational Unit Name (eg, section)

organizationalUnitName_default = Dept. of Monitoring Technologies


commonName = Common Name (FQDN of your server)

commonName_default = server.monit.mo


emailAddress = Email Address

emailAddress_default = root@monit.mo


[ cert_type ]

nsCertType = server

Now we create the certificate like this:

openssl req -new -x509 -days 365 -nodes -config ./monit.cnf -out /var/certs/monit.pem -keyout /var/certs/monit.pem
openssl gendh 512 >> /var/certs/monit.pem
openssl x509 -subject -dates -fingerprint -noout -in /var/certs/monit.pem
chmod 700 /var/certs/monit.pem


---
Hans

falko 27th April 2006 16:31

No. The certificate is for the monit web interface on port 2812; it has nothing to do with your Apache web sites.

Hans 27th April 2006 22:20

Learning all the time
 
Thanks Falko,

I had to ask you that because i do not know a lot about SSL and certificates.

I want you to know that Monit and Munin are up and running now on my Debian server.

Now i am going to create a new small website for my subdomain:
monitor.myhostingcompany.tld and i integrate the links under the buttons to Monit and Munin. I also add some other administrative tools too.

It looks really cool already.

Thanks again for this really nice "How to".

Hans

sjau 27th April 2006 22:38

Another nice "stats/monitoring" tool is mailgraph. Maybe you also want to include it into your monitoring subdomain ^^

http://people.ee.ethz.ch/~dws/software/mailgraph/

Hans 28th April 2006 06:40

Monit alert
 
Nice to know.

I received two times an e-mail from the system since i have installed monit:

The contents is:

Changed Service postfix

Date: Thu, 27 Apr 2006 23:59:08 +0200
Action: alert
Host: server1.mydomain.tld

Your faithful employee,
monit

'postfix' process PID changed to <IDnr>

Why do i receive this and is it something to worry about?

falko 28th April 2006 14:08

Quote:

Originally Posted by Hans
Nice to know.

I received two times an e-mail from the system since i have installed monit:

The contents is:

Changed Service postfix

Date: Thu, 27 Apr 2006 23:59:08 +0200
Action: alert
Host: server1.mydomain.tld

Your faithful employee,
monit

'postfix' process PID changed to <IDnr>

Why do i receive this and is it something to worry about?

This means that Postfix has been restarted and has a different PID now. It's just a notification. Postfix has been restarted by an ISPConfig cron job, so that's ok. :)

Hans 28th April 2006 16:17

Good to know.

The info generated by the two apps is really nice.
I have to teach about the interpretation. But everything looks good.

Hans


All times are GMT +2. The time now is 11:15.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.