Remote-Poller setup fails mysteriously

[rvk]

Hi everyone!

I'm an apprentice and my final project is the creation of a ESXi Template with a cacti remote poller on it.

It has been going pretty good, but i'm now stuck and have been stuck for a few days.

I cannot, for the love of god, get the remote poller to connect to the database in the setup screen.

On the main-poller host i have an Ubuntu Server 18 with php7.2.24 and mysql 14.14 running cacti 1.2.11. It's a migrated database from what used to be cacti 0.8.6 or somethin on Ubuntu 14.04 back in 2015.
The remote-poller is a virtual machine running Ubuntu Server 18 with php 7.2.24 and mysql 14.14 running cacti 1.2.12


I have set up a username for the r-poller in the mysqlDB on the main poller host. It has REQUIRE X509.
The remote poller mysqlDB has a user to accept connections from the main poller. This also requires X509.

Now, the connection works perfectly if i do

Code: Select all

sudo -u www-data mysql -u cacti_remoteuser -p --ssl-cert=/opt/cacti/client_HaeDCTCacti01.crt --ssl-key=/opt/cacti/client_HaeDCTCacti01.key --ssl-ca=/etc/mysql/ca.crt -h maincacti.tld -P 3306

It works in both directions with the respective users.

But when i click on "Test Connection" in the installer on the remote cacti, i just get "Connection failed".
The SQL Server logs twelve messages when i do that: "2020-05-07T20:52:35.355802Z 6204920 [Note] Got an error reading communication packets"
12 times the same message.

I have quadruple-checked that the certificates can be read by www-data and the paths are correct.

I'm at the end of my wits here and would sincerely appreciate if someone was able to help me get to the bottom of this problem.


config.php on remote poller

Code: Select all

$database_type     = 'mysql';
$database_default  = 'cacti';
$database_hostname = 'localhost';
$database_username = 'cacti';
$database_password = 'PASSWORD';
$database_port     = '3306';
$database_retries  = 5;
$database_ssl      = false;
$database_ssl_key  = '';
$database_ssl_cert = '';
$database_ssl_ca   = '';

$rdatabase_type     = 'mysql';
$rdatabase_default  = 'cacti';
$rdatabase_hostname = 'maincacti.fqdn';
$rdatabase_username = 'cacti_remoteuser';
$rdatabase_password = 'PASSWORD';
$rdatabase_port     = '3306';
$rdatabase_retries  = 5;
$rdatabase_ssl      = true;
$rdatabase_ssl_key  = '/opt/cacti/client_HaeDCTCacti01.key';
$rdatabase_ssl_cert = '/opt/cacti/client_HaeDCTCacti01.crt';
$rdatabase_ssl_ca   = '/etc/mysql/ca.crt';

$poller_id = 127;

the rest is at default settings.

Code: Select all

$ sudo -u www-data -g www-data file /opt/cacti/client_HaeDCTCacti01.key
/opt/cacti/client_HaeDCTCacti01.key: ASCII text
$ sudo -u www-data -g www-data file /opt/cacti/client_HaeDCTCacti01.crt
/opt/cacti/client_HaeDCTCacti01.crt: PEM certificate
$ sudo -u www-data -g www-data file /etc/mysql/ca.crt
/etc/mysql/ca.crt: PEM certificate

this is supposed to tell you that i can indeed connect remotely to the main cacti db

Code: Select all

show processlist ;
| Id      | User  | Host            | db    | Command | Time | State     | Info
| 6275528 | cacti_remoteuser     | remotepoller.fqdn:42572 | NULL  | Sleep   |   55 |

[bmfmancini]

if you are still having this issue I would love to work with you on it live

reach out to me and we can setup a zoom call or something