Hi,
xymon would never be fast enough implementing checks against current ssl vulnerabilities
ssllabs does provide a webservice API for thorough SSL checking which can be accessed from xymon quite easily
Markus
Am 09.11.2015 um 22:24 schrieb Mark Felder <user-db141d317836@xymon.invalid>:
On Mon, Nov 9, 2015, at 15:18, Scot Kreienkamp wrote:
Hi there,
I am testing a site in Xymon that is testing OK, but throws an SSL error
in the browser. Wondering why that was, I looked at the certificate for
the site... it doesn't match the domain name of the site that's serving
it, which causes the browser to display an SSL error. I was expecting
Xymon to do the same. Apparently Xymon doesn't check to make sure the
certificate matches the URL.
Xymon doesn't check the chain of trust or validate the hostname of the
certificate. It will gladly tell you if it expires, though :)
It would be nice to teach Xymon to validate the certificate more
thoroughly.
--
Mark Felder
user-db141d317836@xymon.invalid
--
Dr. Markus Stoll (Geschäftsführer)
user-137482a60f79@xymon.invalid
GPG: 8F8C 4A15 F3F4 F2A6 9D0E 5FCC 95D7 F6A7 662C 8C83
Peerio: 2Bc2qPRLJo8tgZXzH3sPTXg6HU5JsEthNdjrC8Y2F9kZ7z
miniLock: mUZgLgha4Ymex8cP15qXHjKYpt5g3dVzBo4sUEnqWjNbh
junidas GmbH, Aixheimer Str. 12, 70619 Stuttgart
Tel. +49 (711) 4599799-11, Fax +49 (711) 4599799-10
Geschäftsführer: Dr. Markus Stoll, Matthias Zepf
Amtsgericht Stuttgart, HRB 21939