Den 2014-04-15 4:24, deepak deore skrev:
Can we monitor SSL
certificate's revoke status ?
There's no built-in test in Xymon for
this.
Doing a bit of Google it seems that OpenSSL does have the
necessary tools / code to perform an OCSP verification, but it is far
from easy. (See
http://backreference.org/2010/05/09/ocsp-verification-with-openssl/ for
an explanation of the steps involved).
It does make sense to include
this check in the "sslcert" status, but for now you will have to
implement a custom check script to perform it.
Regards,
Henrik