[Pkg-nagios-devel] Bug#545484: Bug#545484: nagios-plugins-basic: enable SSL certificate validity check by default

Jan Wagner waja at cyconet.org
Wed Oct 14 23:42:31 UTC 2009


HI Thijs,

On Monday, 7. September 2009, Thijs Kinkhorst wrote:
> A number of Nagios plugins include useful functionality when connecting
>  over SSL: they check if the certificate is still valid and report a
>  warning or error when it (soon) expires.
> 
> I end up enabling this functionality in my configurations each time because
> it's not enabled by default. I haven't yet found a reason why it shouldn't
> be enabled.
> 
> Attached is a patch that in the shipped configuration enables this useful
> extra check.

as I can understand, that this would be a usefull addition, I think we have a 
couple of disadvantages.

* users which uses a certificate and don't care if its valid/expired (just 
want to encrypt the payload) maybe get nerved
* what ever we choose as days until the cert expires ... users may edit this 
anyways, as they want to set different values

Adding more check seems also not an option, as we have so huge checks for 
stuff, but we can't provide command definitions for everything.

With kind regards, Jan.
-- 
Never write mail to <waja at spamfalle.info>, you have been warned!
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT d-- s+: a- C+++ UL++++ P+ L+++ E- W+++ N+++ o++ K++ w--- O M V- PS PE
Y++ PGP++ t-- 5 X R tv- b+ DI- D++ G++ e++ h-- r+++ y+++
------END GEEK CODE BLOCK------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-nagios-devel/attachments/20091015/6c00c575/attachment.pgp>


More information about the Pkg-nagios-devel mailing list