It looks like the Bionic TLS client rejects the server picked DH param (512 bits) as being too small. We can see this at work in the attached pcap where 172.22.30.2 is Xenial/TLS server/NRPE server and 172.22.30.66 is the Bionic/TLS client/check_nrpe.
** Attachment added: "nrpe-dh-too-small.pcap" https://bugs.launchpad.net/ubuntu/+source/nagios-nrpe/+bug/1782650/+attachment/5238901/+files/nrpe-dh-too-small.pcap -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1782650 Title: nrpe plugin in bionic fails with "Error - Could not complete SSL handshake" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nagios-nrpe/+bug/1782650/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
