Package: nagios3-cgi Version: 3.4.1-3 Severity: normal Tags: upstream (1) Install nagios3-cgi (2) Tweak apache config to mount the web interface on an https URL, that is, with SSL (3) Visit the web interface at https://yourserver
At this point, the browser warns that some elements of the page are not encrypted. This warning can take the form of a modal dialog in some browsers and is annoying and confusing. Looking at the 'net' panel in firebug reveals this URL being fetched: http://assets.nagios.com/images/corepromos/2012-01-26-trainingsplash.jpg The 'Latest News' RSS feed appears to be including images over plain HTTP I've commented out lines 19-24 of /usr/share/nagios3/htdocs/main.php to work around this. Can we persuade upstream to serve this stuff over HTTPS? Or have an option to disable these feeds? Happy to work on a patch for upstream or Debian depending on what you think best. -- System Information: Debian Release: 7.0 Architecture: armhf (armv6l) Kernel: Linux 3.6.11+ (PREEMPT) Locale: LANG=en_GB.UTF-8, LC_CTYPE=C (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages nagios3-cgi depends on: ii adduser 3.113+nmu3 ii apache2-utils 2.2.22-13 ii coreutils 8.13-3.5 ii debconf [debconf-2.0] 1.5.49 ii libapache2-mod-php5 5.4.4-14 ii libc6 2.13-38+rpi2 ii libgd2-noxpm 2.0.36~rc1~dfsg-6.1 ii libjpeg8 8d-1 ii libpng12-0 1.2.49-1 ii nagios3-common 3.4.1-3 ii ucf 3.0025+nmu3 ii zlib1g 1:1.2.7.dfsg-13 Versions of packages nagios3-cgi recommends: ii apache2 2.2.22-13 ii apache2-mpm-prefork [httpd] 2.2.22-13 ii nagios-images 0.7 nagios3-cgi suggests no packages. -- Configuration Files: /etc/nagios3/cgi.cfg changed [not included] -- debconf information: nagios3/nagios1-in-apacheconf: false nagios3/adminpassword-mismatch: nagios3/httpd: apache2 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
