[Xymon] SSL Certs on servers with multiple virtualhosts
John D. Alexander
JAlexander at feeneywireless.com
Tue Aug 6 23:38:04 CEST 2013
Henrik,
There seems to be a math error in there. It has my certificates having expired 15500 days ago.
John Alexander
-----Original Message-----
From: Henrik Størner [mailto:henrik at hswn.dk]
Sent: Tuesday, August 06, 2013 1:45 PM
To: xymon at xymon.com; John D. Alexander
Subject: Re: [Xymon] SSL Certs on servers with multiple virtualhosts
On 06-08-2013 22:26, John D. Alexander wrote:
> Given that s_client is rudimentary and actually pretty old, it might
> be a thing to do the tests using curl instead of openssl. Curl
> reports the proper certificates.
>
> Wonder how much work it would be to use curl instead of openssl.
> Does anyone know what drives the http tests? I'm not a programming
> guy, but know folks who are.
Xymon uses OpenSSL, but only the library - not the s_client tool (or any other external tool).
Supporting SNI in the Xymon tests should be a fairly simple change, though. The attached changed to Xymon 4.3.12 should do it - I would appreciate it if you could try it out, since I don't have the necessary test setup to really test it. Just save the attached file, then go to your xymon-4.3.12 directory and run
cat /tmp/xymon-snisupport.patch | patch -p0 then run "make" and "make install" again.
BTW, s_client does support SNI - you just need to specify the name with the "-servername NAME" option.
Regards,
Henrik
More information about the Xymon
mailing list