We have set up PRTG in our environment, just one core server. In our attempts to remediate a lot of sensors in red /failed state, we recently came across two exchange servers that amongst other things were giving errors for the SSL Certificate Sensor (port 465) sensors, specificially we are g etting the error of: "SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol" even after doing all the steps such as disabling the TLS 1.0, and TLS 1.1, etc and enabling the TLS 1.2 and checking to make sure the fingerprint matched and that the cert wasn't invalid nor was it expired. Double checked and cross referenced the certs in Certmgr.msc, with that of the ones reported in IIS, and checked in the exchange ecp to make sure the cert fingerprint matches. We can telnet to the exchange server on that port 465, and we can scan it as open/active with other tools, and see it in netstat as corrrelating to the correct PID corresponding to the Exchange EdgeTransport.exe
To rule out being a bug or issue with PRTG itself, I have contacted the support from inside the application ticketing system but for days now haven't heard anything, even though subsequent and unrelated issues that have been opened with PRTG since then have already been responded to and largely resolved etc.
For our exchange servers, the PRTG sensors on different ports will recongize, but for whatever reason, no matter what we have tried, it doesn't see port 465 or otherwise is erroring out with SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol with no other more detailed or specific errors. This is worrysome because we have already confirmed the port to be open, the cert to be valid, the bindings exists in IIS, and the exchange server can be telnet'd to.... So why does PRTG sensor for this " SSL Certificate Sensor (port 465)" not pick up on it at all and immediately go red with the above aforementioned error(s)???
Add comment