I have the following configuration -
    check host qbox_logstash_1
        with address blah.mysite.com
        group qbox
        if failed
            host blah.mysite.com
            port 443
            type TCPSSL
            protocol https
            http headers [ Authorization: Basic dXJiYW5sYWiYW5sBlaHToHideThisAuthMjM= ]
        then alert
It just connects and never checks that the domain has the wrong certificate. Why is monit not checking the certificate?
To check an SSL certificate on any website, all you need to do is follow two simple steps. First, check if the URL of the website begins with HTTPS, where S indicates it has an SSL certificate. Second, click on the padlock icon on the address bar to check all the detailed information related to the certificate.
To obtain an HTTPS certificate, perform the following steps: Create a private and public key pair, and prepare a Certificate Signing Request (CSR), including information about the organization and the public key. Contact a certification authority and request an HTTPS certificate, based on the CSR.
Open the tool: SSL Checker. Enter the URL in the space provided for that purpose and click on the "Check SSL Certificate" button. The tool will process your query and provide the results, including common name, server type, issuer, validity, certificate chaining, and additional certificate details.
You need to include the certificate valid directive:
    if failed
        ...
        certificate valid > 10 days
    then alert
See the documentation here: https://mmonit.com/monit/documentation/monit.html#CONNECTION-TESTING
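An added example, not part of the original answer and not Monit's own code: a standalone Python check that can be run alongside Monit to confirm what a TLS endpoint actually presents. It verifies the chain and hostname through Python's default SSL context and applies the same 10-day expiry threshold as the directive above; the function names and the sample certificate are constructed for illustration.

```python
import socket
import ssl
from datetime import datetime, timezone

# Constructed sample in the shape returned by SSLSocket.getpeercert().
SAMPLE_CERT = {"notAfter": "Jun 15 12:00:00 2030 GMT"}


def days_remaining(cert, now=None):
    """Whole days from `now` until the certificate's notAfter time."""
    now = now or datetime.now(timezone.utc)
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    expires = datetime.fromtimestamp(not_after, timezone.utc)
    return (expires - now).days


def evaluate(cert, min_days=10, now=None):
    """Apply a 'valid > min_days' threshold; return (ok, reason)."""
    left = days_remaining(cert, now)
    if left < 0:
        return False, "certificate has expired"
    if left <= min_days:
        return False, f"certificate expires in {left} days (need > {min_days})"
    return True, f"certificate valid for {left} more days"


def check_host(host, port=443, min_days=10, timeout=10):
    """Connect, verify chain and hostname, then apply the expiry threshold."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED + check_hostname
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                cert = tls.getpeercert()
    except ssl.SSLCertVerificationError as exc:
        # Untrusted chain, expired certificate or hostname mismatch.
        return False, f"verification failed: {exc.verify_message}"
    except OSError as exc:
        return False, f"connection failed: {exc}"
    return evaluate(cert, min_days)


if __name__ == "__main__":
    # Offline demonstration against the constructed sample and a fixed clock.
    fixed_now = datetime(2030, 6, 1, 12, 0, tzinfo=timezone.utc)
    print(evaluate(SAMPLE_CERT, 10, fixed_now))
```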