On 11/2/2016 8:22 PM, David Baldwin wrote:
Martin,
There is an option for xymonnet to enable SNI - here's my tasks.cfg
snippet - see man xymonnet
[xymonnet]
ENVFILE /home/xymon/server/etc/xymonserver-net.cfg
NEEDS xymond
CMD xymonnet --report --ping --checkresponse --bb-proxy-syntax
--sni=on --timeout=20 --sslkeysize=2048
LOGFILE $XYMONSERVERLOGS/xymonnet.log
INTERVAL 5m
SNI can also be enabled per-host. See the man page for hosts.cfg:
sni
nosni
Enables or disables use of SNI (Server Name Indication) for SSL tests.
Some SSL implementations cannot handle SSL handshakes with SNI data, so Xymon by default does not use SNI. This default can be changed with the "--sni" option for xymonnet(1) but can also be managed per host with these tags.
SNI support was added in Xymon 4.3.13, where the default was to use SNI. This was changed in 4.3.14 so SNI support is disabled by default, and the "sni" and "nosni" tags were introduced together with the "--sni" option for xymonnet.
--
Do things because you should, not just because you can.
John Thurston XXX-XXX-XXXX
user-ce4d79d99bab@xymon.invalid
Enterprise Technology Services
Department of Administration
State of Alaska