check_http ssl certificate

Scott McCamish (Contractor) mccamish at usna.edu
Mon Jun 5 13:29:08 CEST 2006

Previous message: check_http ssl certificate
Next message: check_http ssl certificate
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Scott-

Lundgren, Scott wrote:
> Do you know why the browser is prompting about the certificate when you
> access the URL through your browser? Does the certificate match or is it
> expired? 
>   

It's prompting in firefox/IE because it's an unknown certificate 
authority. 
> you may have to look through the source of the check_http plug-in and to
> see how it handles SSL certificate negotiation. On one hand it could
> blindly trust any certificate. On the other hand like a browser the
> plugin could consult some file for manually accepted & stored
> certificates or simply exit if the certificate doesn't is
> expired/doesn't match.
>   

I did look through the source of check_http, and also 
check_http-with-client-certificate.c, however I'm not familiar
enough with C to know how to get what I want out of it :)

I'd be happy if I could get it to blindly accept the certificate.

Anybody have some quick thoughts as to where in the code I should look 
to make this kind of change?

Thanks!

> Scott Lundgren
> ITS - Web Services
> UNC at Charlotte
> http://www.uncc.edu
>
> -----Original Message-----
> From: nagios-users-admin at lists.sourceforge.net
> [mailto:nagios-users-admin at lists.sourceforge.net] On Behalf Of Scott
> McCamish (Contractor)
> Sent: Tuesday, May 30, 2006 2:40 PM
> To: nagios-users at lists.sourceforge.net
> Subject: [Nagios-users] check_http ssl certificate
>
> Hi all-
>
> A web server was recently upgraded, and my check_http --ssl service is
> now failing.
>
> The server is sending a certificate when accessing through a browser.  
> How can I
> accept the certificate; either permanently through the nagios user cmd
> line, or through flags to check_http?
>
> 'check_http --ssl H xyzxyz -C 14' works fine to see the expiration...
>
> I did read a recent thread that suggested the servers http config be
> changed, but I don't have access/approval to change the server config.
>
> Thanks for reading!
>
> Nagios 1.2 (I'll be upgrading soon)
>
> $ ./check_http -H xyzxyz --ssl -f=follow -v GET / HTTP/1.0
> User-Agent: check_http/1.89 (nagios-plugins 1.4.3)
> Host: xyzxyz
>
> No data received
> $
>   
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mccamish.vcf
Type: text/x-vcard
Size: 267 bytes
Desc: not available
URL: <https://www.monitoring-lists.org/archive/users/attachments/20060605/bdf84f81/attachment.vcf>
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: check_http ssl certificate
Next message: check_http ssl certificate
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list