Nagios Support Forum

Hello,

I'm looking for some information on how to implement the following script:
http://exchange.nagios.org/components/c ... 2&cf_id=24

for integrating with Nagios on alterting when an SSL cert is going to expire.

Seems like the script should work ok, unless there are other suggestions, then I'm open to ideas.

Thanks!

P.S.: We are currently using Nagios 3.0.6 on centOS 5.3. Upgrades are planned to happen in the near future, but want to get the above alterting going on our current version.

Actually, the Website configuration wizard that ships with XI already includes an option for SSL certificate expiry built right in, so you don't have to do anything!

Great!

Now is this specific to HTTPS certs?

Or servername:port should work just find for various certificates? (LDAP over SSL (servername:636), HTTPS (servername:443), etc. etc.)?

Thanks!

Hmm, that one does appear to be specific to HTTPS ($USER1$/check_http -H $HOSTADDRESS$ -C $ARG1$), but I wouldn't be surprised if it could be faked by providing a different port either. Not sure. If you do need something else, you'd be defining things in the Core Config Manager, by creating a command definition and then assigning it to your service. I know mguthrie was working on some documentation of that stuff, but I'm not sure of the status.

Ah. I see. Will find out how well we can configure this after the upgrade.

You'll notice in the link I provided, the script that was created by someone else - uses PERL and openSSL to complete the process.

Are your additions doing the same? Or using some type of other methods built into Nagios?

Thanks!

Nagios has a number of standard check plugins that it's shipped with. The check_http plugin has support to check certificates built in. It may be usable to check ldap certificates. We may investigate adding ldap support directly into XI, if we do checking certificates will be part of that wizard.