[Xymon] Xymon 4.3.13: HTTPS check issues
Mark Felder
feld at feld.me
Tue Jan 14 17:44:56 CET 2014
On Mon, Jan 13, 2014, at 2:29, henrik at hswn.dk wrote:
> Den 11.01.2014 18:44, Mark Felder skrev:
> > I think the safe solution everywhere is "off by default", and further
> > testing of the HTTPS checking code with OpenSSL 1.0+ against servers
> > that don't support the latest TLS, or maybe not even TLS at all --
> > just
> > SSLv3. You're going to have users with appliances that can't be
> > upgraded
> > but they still should be able to get monitored.
>
> Just to finish this thread: In 4.3.14 I have implemented a global
> option for xymonnet "--sni=[on|off]" to globally enable/disable SNI for
> SSL tests. Default is OFF. In addition there are two now tags for
> hosts.cfg, "sni" and "nosni" so regardless of the global option you can
> override it per host.
>
> I think that is the best way to avoid unnecessary surprises when
> upgrading, while still making SNI available for those who need it.
>
>
Thanks Henrik!
More information about the Xymon
mailing list