[Nagiosplug-help] check_http cert expiration w/ addl cert info

Andreas Ericsson ae at op5.se
Tue Sep 18 10:20:57 CEST 2007

Previous message: [Nagiosplug-help] check_http cert expiration w/ addl cert info
Next message: [Nagiosplug-help] check_http cert expiration w/ addl cert info
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Mike Patterson wrote:
> Hi list
> 
> I'm checking https cert expiration on a large number of hosts in a somewhat complex environment.
> 
> I'd love to include in the feedback the Common Name (CN) that belongs to the certificate.  Just so that I can be absolutely certain that I'm checking the cert I think I'm checking.
> 
> Mulitple DNS servers, DNS wildcards, load-balancers, more than 1 cert of each host, etc.. have the potential to have me checking the wrong certificate.
> 
> Different checks I'm experimenting with:
> 
> ./check_ssl_certificate -H 10.10.10.22 -v -c 7 -w 24
> check_ssl_certificates: 363 days left for this certificate.
> 
> ./check_http -H 10.10.10.22 -p 443 -S -C 24
> OK - Certificate will expire on 09/14/2008 23:59.
> 
> Any tips how I can also have the check return the Common Name (CN) belonging to the cert?
> 

Hack the code. You should add an option named --show-cn or some such,
and use that option in your command object definitions.

-- 
Andreas Ericsson                   andreas.ericsson at op5.se
OP5 AB                             www.op5.se
Tel: +46 8-230225                  Fax: +46 8-230231

Previous message: [Nagiosplug-help] check_http cert expiration w/ addl cert info
Next message: [Nagiosplug-help] check_http cert expiration w/ addl cert info
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Help mailing list