On Tue, November 26, 2013 7:31 am, Novosielski, Ryan wrote:
Hi all,
Is there a way to check an SSL service without caring if the cert is
expired? I realize this may be an odd thing to want to do, but apparently
in the application that it's being used the cert does not need to be
current, just otherwise functioning to provide SSL (the real service is in
front of a load balancer or something that doesn't care). Is there a way
to make a cert expiration not cause the test to go red without playing
with the source code?
From the crazy-enough-it-might-just-work dept:
I don't see anything in the source that wouldn't take --sslalarm as a
signed int, but I don't have an expired cert lying around to test at the
moment. Have you tried something like --sslalarm=-9999 in xymonnet's
command line?
HTH,
-jc