sslcert

On Fri, January 21, 2011 12:17, Henrik Størner wrote:

In <user-685274ea37e4@xymon.invalid>
"Xymon User in Richmond" <user-24d6f8323faa@xymon.invalid> writes:

On Thu, January 20, 2011 17:06, Henrik Størner wrote:

OK, so you have (at least) 7 SSL-enabled services running on one
host. The effect of that is rather unpredictable - when doing the
"sslcert" status, I didn't think that you would have one line in
hosts.cfg with multiple (different) SSL certificates. So which of the
 7 certificates will show up in the "sslcert" status is
unpredictable.

I have hosts running both httpd ssl and imaps services, with separate
certs, and it reports both certs correctly.  I don't know if it will
handle status correctly, though.  The imaps certs are self-generated
with expirations years out.  IIRC, it has gone yellow on the httpd
certs at the correct time.  The https test precedes the imaps test on
the hosts line, and the certs are stacked in that order on the sslcert
page.

I stand corrected, then - apparently I did foresee that possibility :-)

I understand:  I often turn out to have been smarter than I realized at
the time (when I'm stupid it's usually readily apparent).

I noticed overnight on a personal server that even if the httpd and imaps
certs are the same one, it's reported once per service.  I like that.