SSL Certs on servers with multiple virtualhosts

list Ralph Mitchell
Tue, 6 Aug 2013 21:50:26 -0400
Message-Id: <CAAEjoCW6Tar8d0aRBH7Ug9=user-f0fd671fbd25@xymon.invalid>

Here's that script for checking web servers.  It's not rocket surgery, but
it gets the job done.  I needed it to be able to poke a secure web server
through a proxy.

Ralph Mitchell


On Tue, Aug 6, 2013 at 2:32 PM, John D. Alexander <
user-9a0964743c57@xymon.invalid> wrote:

 ** **

I’m running Xymon 4.3.12 on CentOS 6.4 and monitoring a number of Apache
web servers that each have multiple SSL VirtualHosts.****

** **

Xymon appears to be using the openssl s_client utility to check server
certificates and since s_client is not SNI compliant, it only picks up the
certificate of the first VirtualHost.  All other VirtualHosts are reported
having the same certificate.****

** **

Does anyone know of a workaround (perhaps using curl) to validate SSL
certificates and track expiration dates of those certificates?****

** **

Thanks much.****

** **

*John Alexander*
Network Administrator****

** **

Attachments (1)

attachment.sh application/octet-stream · 2.7 KB