[Pkg-nagios-devel] Bug#644627: Bug#644627: nagios-plugins-basic: check_http --ssl doesn't verify the validity of a certificate
Michael Renner
robe at amd.co.at
Sun Feb 19 11:17:59 UTC 2012
On Feb 19, 2012, at 12:06 , Jan Wagner wrote:
> "Notes:
> This plugin will attempt to open an HTTP connection with the host.
> [...]
> This plugin can also check whether an SSL enabled web server is able to
> serve content (optionally within a specified time) or whether the X509
> certificate is still valid for the specified number of days."
>
> This indicates, that you are trying to use this plugin for something
> that is not intended to be used for.
> Anyways, this would be indeed an usefull extension.
Hi Jan,
thanks for your answer! I was negatively surprised by check_http since (nearly?) every other SSL/TLS implementation will at least warn about not checking specific things you'd expect from a sane/full implementation or explicitly mention it in the docs.
Explicitly pointing out that this plugin will _ONLY_ verify the expiry date of the certificate should prevent surprises for other people in the future.
best,
Michael
More information about the Pkg-nagios-devel
mailing list