Hi Frank,
Xymon has picked up the certificate that is on https://66.159.47.82/ the IP
address that www.thesweetbasket.com resolves to. That certificate has
indeed expired. However, to get Xymon to test the certificate you are
actually using, you need to enable sni. Search for sni in the man page
here: http://xymon.sourceforge.net/xymon/help/manpages/man5/hosts.cfg.5.html
But, the short answer is you can probably just add the sni tag to your host
in hosts.cfg.
Kind regards, SebA
On 9 January 2018 at 16:06, Frank <user-fbc5ef527f6f@xymon.invalid> wrote:
Hi,
This is for the sslcert service:
I have xymon monitoring a web site where the certificate has been
changed twice over
the past 2 years. And it is currently up to date. What xymon is showing
for the dates
of the certificate are wrong. Is there a way to fix this so it shows the
correct certificate
and not an old one?
start date: 2014-12-02 19:29:50 GMT
expire date:2015-04-01 19:29:50 GMT
Tue Jan 9 10:58:46 2018
red SSL certificate for https://www.thesweetbasket.com/en/ expired 1013
days ago
Server certificate:
subject:/C=CA/ST=Que/L=Montreal/O=Cronomagic/OU=Web/
CN=serv1.thesweetbasket.com/emailAddress=user-9f8ee8e74035@xymon.invalid
start date: 2014-12-02 19:29:50 GMT
expire date:2015-04-01 19:29:50 GMT
key size:1024
issuer:/C=CA/ST=Que/L=Montreal/O=Cronomagic/OU=Web/
CN=serv1.thesweetbasket.com/emailAddress=user-9f8ee8e74035@xymon.invalid
signature algorithm: sha256WithRSAEncryption
Cipher used: ECDHE-RSA-AES256-GCM-SHA384 (256 bits)
--
sysadm cronomagic.com/gemstelecom.com
e-mail user-fbc5ef527f6f@xymon.invalid
POWERED BY LINUX