Relevant excerpt from the check_http man page:
Code: Select all
-C, --certificate=INTEGER[,INTEGER]
Minimum number of days a certificate has to be valid. Port defaults to 443
(when this option is used the URL is not checked.)
Code: Select all
check_http --ssl -C 21 -H google.com
Code: Select all
OK - Certificate '*.google.com' will expire on 2017-09-27 03:09 -0500/CDT.
Code: Select all
check_http --ssl -C 21 -H google.com
Code: Select all
SSL OK - Certificate '*.google.com' will expire on 2017-09-27 03:09 -0500/CDT. HTTP OK: HTTP/1.1 301 Moved Permanently - 615 bytes in 1.297 second response time |time=1.297264s;;;0.000000 size=615B;;;0
Version info (source downloaded 2017-07-18):
Code: Select all
./check_http --version
check_http v2.2.1 (nagios-plugins 2.2.1)
In my specific case, access to the http content is restricted, so even though I just want to do a certificate expiration check, I'm getting a warning in nagios with the new version because of a 401 response.
IP/hostname/port redacted version of the two versions of the command I'm actually using:
Code: Select all
./check_http --ssl -C 21 -I IPREDACTED -p PORTREDACTED
SSL OK - Certificate 'hostnameredacted.com' will expire on 2018-04-04 18:59 -0500/CDT. HTTP WARNING: HTTP/1.0 401 Access Denied - 40256 bytes in 0.280 second response time |time=0.279541s;;;0.000000 size=40256B;;;0
And the same check (with hostname/port redacted) using the 2.1.4 version of check_http:
Code: Select all
./check_http --ssl -C 21 -I IPREDACTED -p PORTREDACTED
OK - Certificate 'hostnameredacted.com' will expire on 2018-04-04 18:59 -0500/CDT.
Quick edit for system info: Systems tested with were running centos 6.9 x86_64 and centos 7.3.1611.