[Xymon] SSL Certificate test failure
Markus Stoll, junidas GmbH
markus.stoll at junidas.de
Tue Nov 10 11:24:53 CET 2015
Hi,
xymon would never be fast enough implementing checks against current ssl vulnerabilities
ssllabs does provide a webservice API for thorough SSL checking which can be accessed from xymon quite easily
Markus
> Am 09.11.2015 um 22:24 schrieb Mark Felder <feld at feld.me>:
> On Mon, Nov 9, 2015, at 15:18, Scot Kreienkamp wrote:
>> Hi there,
>>
>> I am testing a site in Xymon that is testing OK, but throws an SSL error
>> in the browser. Wondering why that was, I looked at the certificate for
>> the site... it doesn't match the domain name of the site that's serving
>> it, which causes the browser to display an SSL error. I was expecting
>> Xymon to do the same. Apparently Xymon doesn't check to make sure the
>> certificate matches the URL.
>>
>
> Xymon doesn't check the chain of trust or validate the hostname of the
> certificate. It will gladly tell you if it expires, though :)
>
> It would be nice to teach Xymon to validate the certificate more
> thoroughly.
>
>
> --
> Mark Felder
> feld at feld.me
> _______________________________________________
> Xymon mailing list
> Xymon at xymon.com
> http://lists.xymon.com/mailman/listinfo/xymon
--
Dr. Markus Stoll (Geschäftsführer)
markus.stoll at junidas.de
GPG: 8F8C 4A15 F3F4 F2A6 9D0E 5FCC 95D7 F6A7 662C 8C83
Peerio: 2Bc2qPRLJo8tgZXzH3sPTXg6HU5JsEthNdjrC8Y2F9kZ7z
miniLock: mUZgLgha4Ymex8cP15qXHjKYpt5g3dVzBo4sUEnqWjNbh
junidas GmbH, Aixheimer Str. 12, 70619 Stuttgart
Tel. +49 (711) 4599799-11, Fax +49 (711) 4599799-10
Geschäftsführer: Dr. Markus Stoll, Matthias Zepf
Amtsgericht Stuttgart, HRB 21939
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3109 bytes
Desc: not available
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20151110/f37d6182/attachment.bin>
More information about the Xymon
mailing list