Nagios Monitor HTTPS SSL Certificate Expiry

Linux Nagios and NagiosXI
Tristan SelfLeave a Comment on Nagios Monitor HTTPS SSL Certificate Expiry

http://exchange.nagios.org/directory/Plugins/Network-Protocols/HTTP/check_ssl_cert_alternative/details

Downloaded the file and stuck it in: /usr/local/share/nagios/libexec

Make it executable:

# chmod 755 check_ssl_cert_alternative.pl

Change the owner:

# chown nagios check_ssl_cert_alternative.pl

Change the group:

# chgrp nagios check_ssl_cert_alternative.pl

Rename it so I don’t need to stick the .pl on the end:

# mv check_ssl_cert_alternative.pl check_ssl_cert_alternative

Do a test run:

./check_ssl_cert_alternative -H servername.domain.name:443

Seems to be okay we see: “servername.domain.name:443 68 Days left”

In the example below, that needs to be added to your nagios config. Setting !30!10, sets the warning at 30 days and the critical at 10 days.

------------------------------------------------------------------------------------------------------------------------------------

Windowsservers.cfg

------------------------------------------------------------------------------------------------------------------------------------

define service{

use                     generic-service

host_name               SERVERNAME

service_description     SSL Cert

check_command           check_https!30!10

}

------------------------------------------------------------------------------------------------------------------------------------

commands.cfg

------------------------------------------------------------------------------------------------------------------------------------

define command{

command_name    check-ssl-cert

command_line    $USER1$/check_ssl_cert_alternative -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$

}

------------------------------------------------------------------------------------------------------------------------------------

Changed this also to give the remaining time as it seemed to be more useful, but also added the time/date at the end too. This was done by editing the

script itself.

#############################################

print "$hoststring $certtimeleft Days left, Expires on: $certenddate \n";

#print "$hoststring expires on $certenddate\n";

#############################################

You can also set cert expiry warning levels in the script if you don’t want to pass these arguments via the command string.

Related Posts

Using check_http to Monitor Cloudflare Websites

Tristan Self

Nagios – check_icmp

Tristan Self

Nagvis – Hiding the Header on NagVis Maps

Tristan Self

Leave a Reply

Your email address will not be published. Required fields are marked *