Disable SSL cert expiration test
list Ryan Novosielski
Hi all,
Is there a way to check an SSL service without caring if the cert is expired? I realize this may be an odd thing to want to do, but apparently in the application that it's being used the cert does not need to be current, just otherwise functioning to provide SSL (the real service is in front of a load balancer or something that doesn't care). Is there a way to make a cert expiration not cause the test to go red without playing with the source code?
Thanks.
--
____ *Note: UMDNJ is now Rutgers-Biomedical and Health Sciences*
|| \\UTGERS |---------------------*O*---------------------
||_// Biomedical | Ryan Novosielski - Sr. Systems Programmer
|| \\ and Health | user-46c89e614701@xymon.invalid - 973/972.0922 (2x0922)
|| \\ Sciences | OIT/EI-Academic Svcs. - ADMC 450, Newark
`'
list Japheth Cleaver
▸
On Tue, November 26, 2013 7:31 am, Novosielski, Ryan wrote:
Hi all, Is there a way to check an SSL service without caring if the cert is expired? I realize this may be an odd thing to want to do, but apparently in the application that it's being used the cert does not need to be current, just otherwise functioning to provide SSL (the real service is in front of a load balancer or something that doesn't care). Is there a way to make a cert expiration not cause the test to go red without playing with the source code?
From the crazy-enough-it-might-just-work dept: I don't see anything in the source that wouldn't take --sslalarm as a signed int, but I don't have an expired cert lying around to test at the moment. Have you tried something like --sslalarm=-9999 in xymonnet's command line? HTH, -jc