sslcert

list Frank Torontour
Tue, 9 Jan 2018 13:56:51 -0500
Message-Id: <user-6caf546952bd@xymon.invalid>

      I was able to configure the rest of the sites I wanted, and all is 
working
properly. Thank you!.

On 1/9/18 11:49, Frank wrote:

    After trial and error:
    This is what worked:

https://www.thesweetbasket.com/en/ sni

On 1/9/18 11:41, SebA wrote:

Your Windows machine +  Chrome is using SNI.

On 9 January 2018 at 16:25, Josh Luthman <user-4c45a83f15cb@xymon.invalid 
<mailto:user-4c45a83f15cb@xymon.invalid>> wrote:

    My Windows machine + Chrome believes that certificate is good
    until 2019...

    https://i.imgur.com/JiSHntT.png <https://i.imgur.com/JiSHntT.png>;


    Josh Luthman
    Office: XXX-XXX-XXXX
    Direct: XXX-XXX-XXXX
    XXXX Wayne St
    <https://maps.google.com/?q=1100+Wayne+St+Suite+1337+Troy,+OH+45373&entry=gmail&source=g>;
    Suite XXXX
    <https://maps.google.com/?q=1100+Wayne+St+Suite+1337+Troy,+OH+45373&entry=gmail&source=g>;
    Troy, OH XXXXX
    <https://maps.google.com/?q=1100+Wayne+St+Suite+1337+Troy,+OH+45373&entry=gmail&source=g>;

    On Tue, Jan 9, 2018 at 11:19 AM, SebA <user-4631430d620a@xymon.invalid
    <mailto:user-4631430d620a@xymon.invalid>> wrote:

        Hi Frank,

        Xymon has picked up the certificate that is on
        https://66.159.47.82/ the IP address that
        www.thesweetbasket.com <http://www.thesweetbasket.com>;
        resolves to.  That certificate has indeed expired.  However,
        to get Xymon to test the certificate you are actually using,
        you need to enable sni.  Search for sni in the man page here:
        http://xymon.sourceforge.net/xymon/help/manpages/man5/hosts.cfg.5.html
        <http://xymon.sourceforge.net/xymon/help/manpages/man5/hosts.cfg.5.html>;
        But, the short answer is you can probably just add the sni
        tag to your host in hosts.cfg.

        Kind regards,  SebA

        On 9 January 2018 at 16:06, Frank <user-fbc5ef527f6f@xymon.invalid
        <mailto:user-fbc5ef527f6f@xymon.invalid>> wrote:

                Hi,

            This is for the sslcert service:

                I have xymon monitoring a web site where the
            certificate has been changed twice over
            the past 2 years.  And it is currently up to date. What
            xymon is showing for the dates
            of the certificate are wrong.  Is there a way to fix this
            so it shows the correct certificate
            and not an old one?

            start date: 2014-12-02 19:29:50 GMT
                expire date:2015-04-01 19:29:50 GMT
            Tue Jan 9 10:58:46 2018


            red SSL certificate for
            https://www.thesweetbasket.com/en/
            <https://www.thesweetbasket.com/en/>; expired 1013 days ago


            Server certificate:
            subject:/C=CA/ST=Que/L=Montreal/O=Cronomagic/OU=Web/CN=serv1.thesweetbasket.com/emailAddress=user-9f8ee8e74035@xymon.invalid
                start date: 2014-12-02 19:29:50 GMT
                expire date:2015-04-01 19:29:50 GMT
                key size:1024
            issuer:/C=CA/ST=Que/L=Montreal/O=Cronomagic/OU=Web/CN=serv1.thesweetbasket.com/emailAddress=user-9f8ee8e74035@xymon.invalid
                signature algorithm: sha256WithRSAEncryption

            Cipher used: ECDHE-RSA-AES256-GCM-SHA384 (256 bits)


            -- 

            sysadmcronomagic.com/gemstelecom.com  <http://cronomagic.com/gemstelecom.com>;
            user-3a42a2ba864a@xymon.invalid  <mailto:user-fbc5ef527f6f@xymon.invalid>

            POWERED BY LINUX


            <


        <

-- 

sysadm  cronomagic.com/gemstelecom.com
user-3a42a2ba864a@xymon.invalid

POWERED BY LINUX

-- 

sysadm  cronomagic.com/gemstelecom.com
e-mail  user-fbc5ef527f6f@xymon.invalid

POWERED BY LINUX