I've done this before, but I don't think I still have the script. If you
want to mimic the sslcert column for some random SSL certificate file and
send it to Xymon, this:
openssl x509 -noout -in my_server.crt -subject -startdate -enddate -issuer
-dateopt iso_8601 | \
sed -e 's/notBefore=/start date: /' -e 's/notAfter=/expire date:/'
gets you a block that looks something like the sslcert column:
subject=CN = My Server Cert
start date: 2021-01-05 03:57:33Z
expire date:2025-01-05 03:57:33Z
issuer=CN = Some Random CA
You can do some date math on the expiry date to determine when it expires,
and then construct a message to send to Xymon.
I'll poke around and see if I can dig up my script.
Ralph Mitchell
On Mon, Aug 28, 2023 at 6:47?PM Vernon Everett <user-b3f8dacb72c8@xymon.invalid>
wrote:
Hi all
Haven't been using Xymon for many years, but I now have a small client
looking for a lightweight and cost-effective (free) monitoring solution,
and Zymon fitted the bill.
Most of the config and setup is coming back to me, but I'm a little stuck
on certs.
Some certs I can point Xymon directly to the URL, and I get the response I
want.
Others are (multiple) certs on my Xymon client server, not related to a
URL, but used by applications.
I cannot remember how we configure those to check for expiration.
Any tips appreciated.
Regards
Vernon
--
"Accept the challenges so that you can feel the exhilaration of victory"
- General George Patton
"Don't find fault. Find a remedy"
- Henry Ford