Page 1 of 1

Check SSL expiration and ignore "No data received from host"

PostPosted: Thu Jan 20, 2022 9:54 am
by nov1ce
Hello,

I have a simple check_http check that monitors the expiration of SSL certificates:

check_http -I 192.168.0.2 -H 192.168.0.2 -S -C 60 --sni

which returns:

SSL OK - Certificate 'xxx certificate' will expire on 2022-09-29 15:29 +0200/CEST. HTTP CRITICAL - No data received from host

"HTTP CRITICAL - No data received from host" part is expected.

Is there any way I can ignore it so the service status is green (OK) as per SSL check? Right now it's reported as Critical.

Thank you.

Re: Check SSL expiration and ignore "No data received from h

PostPosted: Tue Jan 25, 2022 3:00 pm
by pbroste
Hello @nov1ce

Thanks for reaching out, want to see what the results look like when you add verbose output:

Code: Select all
check_http -I 192.168.0.2 -H 192.168.0.2 -S -C 60 --sni -verbose


Also toggle --sni switch to compare the results, with the option to add the '--continue-after-certificate' switch.

Please let us know how things look,
Perry

Re: Check SSL expiration and ignore "No data received from h

PostPosted: Wed Jan 26, 2022 3:29 am
by nov1ce
Hello @pbroste

Thanks for your reply.

Here is how the verbose output looks like:

Code: Select all
SSL initialized
SSL OK - Certificate 'VPN Certificate' will expire on 2022-09-29 15:29 +0200/CEST. GET / HTTP/1.1
User-Agent: check_http/v2.2.1.git (nagios-plugins 2.2.1)
Connection: close
Host: 192.168.0.2
Accept: */*


HTTP CRITICAL - No data received from host

Omitting --sni switch doesn't change anything and --continue-after-certificate is unrecognized:

Code: Select all
check_http: unrecognized option '--continue-after-certificate'