How to monitor Keystore

[haile711]

To nagios community,
I'm trying to set up a monitoring certificate, I'm just wondering if it's possible to monitoring for a keystore, for multiple certs. I don't see anything on the Nagios site for Keystore monitoring, there is SSL. If anyone has setup one before or know of a plugin. Please let me know. Thanks for helping.

[lmiltchev]

I didn't find any suitable plugin on the Nagios Exchange. However, I found one on GitHub that *may* do the job for you.

https://github.com/jhrcz/check-certstore

I hope this is what you are after.

[haile711]

hey lmiltchev,
Yea..I was checking out this plugin, when I saw your post. This is not what I'm looking for atm. Thanks for responding.

[jolson]

Did you come across this web page? http://www.davidgouveia.net/2013/07/sim ... -jks-file/

The script presented could be customized to potentially suit your needs.

[haile711]

hey jolson,
Yea, I have tested with that one already too. I dun think that script can work remotely. There are other issue with that script too. I have certs that already expire for more than 1000 days, and it only show a warning .

[ssax]

I don't think that you will find a script that can check your keystore remotely, you will have to install the plugin on the remote machine so that it can access the file.

I'll test out that script and see where it's failing.

[ssax]

Here is the modified script that should work for you.

Code: Select all

./checkCertificate --keystore [YOUR_KEYSTORE_FILE] --password [YOUR_PASSWORD] --warning [WARNING_IN_DAYS] --critical [CRITICAL_IN_DAYS]

The defaults are Warning: 30, Critical: 15

checkCertificate.zip

[haile711]

hello ssax,
That script you modified works. If there isn't a better way to do remote checking, i'll just just nrpe agent, but this script now working. Thanks so much!!

[tmcdonald]

Are we all set to close this thread then?

[haile711]

yes you can close this thread out. thanks for all your help