Introducing Winrpe with Full SSL capability


As described at a Nagios tracker post - "The SSL option of the NRPE plugin and server does not perform any kind of authentication. It has no certificates, only a DH key, which is generated at compile time. Compiling the packages with one’s own DH parameters doesn’t make it secure either. It's still anon-DH and you can connect to just any NRPE that you can reach.".

The same tracker post contains a patch introducing full SSL capability to NRPE. We have made some minor improvements to adapt the patch to NRPE version 2.15, and to handle SSL initiation phase in a more proper way (See attachments below).

Outcome of this effort is now made available as a separate Winrpe installer with full SSL capability. Enjoy!!



File nrpe_fullssl.patch4.43 KB
File check_nrpe_fullssl.patch7.58 KB