[Xymon] SSL Certs on servers with multiple virtualhosts

John D. Alexander JAlexander at feeneywireless.com
Thu Aug 8 01:30:28 CEST 2013


Hey Ralph,

Thanks for the script.  I'll give it a whirl.  I'm guessing that each separate server will need to be set up with the script run against it.
Also, I suppose that I'll need to stop the https://....  Test from the xymon hosts.cfg

Thanks again

John Alexander


From: Ralph Mitchell [mailto:ralphmitchell at gmail.com]
Sent: Tuesday, August 06, 2013 6:50 PM
To: John D. Alexander
Cc: xymon at xymon.com
Subject: Re: [Xymon] SSL Certs on servers with multiple virtualhosts

Here's that script for checking web servers.  It's not rocket surgery, but it gets the job done.  I needed it to be able to poke a secure web server through a proxy.

Ralph Mitchell

On Tue, Aug 6, 2013 at 2:32 PM, John D. Alexander <JAlexander at feeneywireless.com<mailto:JAlexander at feeneywireless.com>> wrote:

I'm running Xymon 4.3.12 on CentOS 6.4 and monitoring a number of Apache web servers that each have multiple SSL VirtualHosts.

Xymon appears to be using the openssl s_client utility to check server certificates and since s_client is not SNI compliant, it only picks up the certificate of the first VirtualHost.  All other VirtualHosts are reported having the same certificate.

Does anyone know of a workaround (perhaps using curl) to validate SSL certificates and track expiration dates of those certificates?

Thanks much.

John Alexander
Network Administrator


_______________________________________________
Xymon mailing list
Xymon at xymon.com<mailto:Xymon at xymon.com>
http://lists.xymon.com/mailman/listinfo/xymon

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20130807/a8044915/attachment.html>


More information about the Xymon mailing list