I don’t need it to do vulnerability scanning. I just want to know the basics like if the SSL cert doesn’t match the URL that is serving it up.
Curl already has to have a lot of that built in as it balks at the cert mismatch, maybe it can be leveraged somehow.
Scot Kreienkamp | Senior Systems Engineer | La-Z-Boy Corporate
One La-Z-Boy Drive | Monroe, Michigan 48162 | Office: XXX-XXX-XXXX | | Mobile: XXXXXXXXXX | Email: user-9678697f1438@xymon.invalid
-----Original Message-----
From: Xymon [mailto:xymon-bounces at xymon.com] On Behalf Of Mark
Felder
Sent: Tuesday, November 10, 2015 9:28 AM
To: Markus Stoll, junidas GmbH <user-137482a60f79@xymon.invalid>
Cc: xymon at xymon.com
Subject: Re: [Xymon] SSL Certificate test failure
On Tue, Nov 10, 2015, at 04:24, Markus Stoll, junidas GmbH wrote:
Hi,
xymon would never be fast enough implementing checks against current
ssl
vulnerabilities
ssllabs does provide a webservice API for thorough SSL checking which can
be accessed from xymon quite easily
I don't think anybody asked for this functionality. We're simply asking
Xymon to be able to differentiate between a certificate with a valid
chain of trust and one that is broken or self-signed.
--
Mark Felder
user-db141d317836@xymon.invalid
This message is intended only for the individual or entity to which it is addressed. It may contain privileged, confidential information which is exempt from disclosure under applicable laws. If you are not the intended recipient, you are strictly prohibited from disseminating or distributing this information (other than to the intended recipient) or copying this information. If you have received this communication in error, please notify us immediately by e-mail or by telephone at the above number. Thank you.