[Xymon] HTTPS monitoring, with different IP
Adam Goryachev
mailinglists at websitemanagers.com.au
Sun Jun 21 10:32:56 CEST 2020
I have a strange setup, my web server is behind a 1:1 NAT, and xymon is
also behind the same router. The router doesn't support network pinning
(ie, go out, and then translate on the way back in again), so the
network test simply timeout.
I've found a "solution" which is to configure xymon to talk to the
internal IP address instead of the external one, but instead of changing
the DNS or using /etc/hosts file, I want to keep this change to the
xymon config.
So currently I have this:
0.0.0.0 www.mysite.com.au # noconn
httpstatus;https://mysite.com.au=10.0.0.23/;2..
This solves the problem for the http column (I get a green dot, and
everything is OK), but I get a red dot for sslcert because xymon is
looking at the wrong SSL certificate (not using SNI correctly).
I'm using the xymon package from debian version 4.3.28-5+deb10u1 in case
that is relevant.
Is there a solution to have xymon correctly monitor the SSL certificate
when using a different IP address?
Regards,
Adam
More information about the Xymon
mailing list