Xymon Mailing List Archive search

sslcert

list Frank Torontour
Tue, 9 Jan 2018 11:44:10 -0500
Message-Id: <user-d89c39e957a8@xymon.invalid>

     I tried this an no go.  Not sure if I am doing this correctly as the hosts.cfg file is
not clear:

https://www.thesweetbasket.com/en/;sni;

sni;https://www.thesweetbasket.com/en/

On 1/9/18 11:19, SebA wrote:
Hi Frank,

Xymon has picked up the certificate that is on https://66.159.47.82/ the IP address that www.thesweetbasket.com <http://www.thesweetbasket.com>; resolves to.  That certificate has indeed expired.  However, to get Xymon to test the certificate you are actually using, you need to enable sni.  Search for sni in the man page here: http://xymon.sourceforge.net/xymon/help/manpages/man5/hosts.cfg.5.html But, the short answer is you can probably just add the sni tag to your host in hosts.cfg.

Kind regards,  SebA

On 9 January 2018 at 16:06, Frank <user-fbc5ef527f6f@xymon.invalid <mailto:user-fbc5ef527f6f@xymon.invalid>> wrote:

        Hi,

    This is for the sslcert service:

        I have xymon monitoring a web site where the certificate has
    been changed twice over
    the past 2 years.  And it is currently up to date. What xymon is
    showing for the dates
    of the certificate are wrong.  Is there a way to fix this so it
    shows the correct certificate
    and not an old one?

    start date: 2014-12-02 19:29:50 GMT
        expire date:2015-04-01 19:29:50 GMT
    Tue Jan 9 10:58:46 2018


    red SSL certificate for https://www.thesweetbasket.com/en/
    <https://www.thesweetbasket.com/en/>; expired 1013 days ago


    Server certificate:
    subject:/C=CA/ST=Que/L=Montreal/O=Cronomagic/OU=Web/CN=serv1.thesweetbasket.com/emailAddress=user-9f8ee8e74035@xymon.invalid
        start date: 2014-12-02 19:29:50 GMT
        expire date:2015-04-01 19:29:50 GMT
        key size:1024
    issuer:/C=CA/ST=Que/L=Montreal/O=Cronomagic/OU=Web/CN=serv1.thesweetbasket.com/emailAddress=user-9f8ee8e74035@xymon.invalid
        signature algorithm: sha256WithRSAEncryption

    Cipher used: ECDHE-RSA-AES256-GCM-SHA384 (256 bits)


    -- 
    sysadmcronomagic.com/gemstelecom.com  <http://cronomagic.com/gemstelecom.com>;
    user-3a42a2ba864a@xymon.invalid  <mailto:user-fbc5ef527f6f@xymon.invalid>

    POWERED BY LINUX


    <


-- 

sysadm  cronomagic.com/gemstelecom.com
e-mail  user-fbc5ef527f6f@xymon.invalid

POWERED BY LINUX