Downloaded the file and stuck it in: /usr/local/share/nagios/libexec
Make it executable:
# chmod 755 check_ssl_cert_alternative.pl
Change the owner:
# chown nagios check_ssl_cert_alternative.pl
Change the group:
# chgrp nagios check_ssl_cert_alternative.pl
Rename it so I don’t need to stick the .pl on the end:
# mv check_ssl_cert_alternative.pl check_ssl_cert_alternative
Do a test run:
./check_ssl_cert_alternative -H servername.domain.name:443
Seems to be okay we see: “servername.domain.name:443 68 Days left”
In the example below, that needs to be added to your nagios config. Setting !30!10, sets the warning at 30 days and the critical at 10 days.
------------------------------------------------------------------------------------------------------------------------------------
Windowsservers.cfg
------------------------------------------------------------------------------------------------------------------------------------
define service{
use generic-service
host_name SERVERNAME
service_description SSL Cert
check_command check_https!30!10
}
------------------------------------------------------------------------------------------------------------------------------------
commands.cfg
------------------------------------------------------------------------------------------------------------------------------------
define command{
command_name check-ssl-cert
command_line $USER1$/check_ssl_cert_alternative -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$
}
------------------------------------------------------------------------------------------------------------------------------------
Changed this also to give the remaining time as it seemed to be more useful, but also added the time/date at the end too. This was done by editing the
script itself.
#############################################
print "$hoststring $certtimeleft Days left, Expires on: $certenddate \n";
#print "$hoststring expires on $certenddate\n";
#############################################
You can also set cert expiry warning levels in the script if you don’t want to pass these arguments via the command string.