Web Servers

check_ssl_cert.pl (Advanced Nagios Plugins Collection)

Write a Review

Description:

Check SSL Certificate Validity:

1. Certificate Expiry in days
2. Chain of Trust
2a. Root CA certificate is trusted
2b. Any intermediate certificates are present, especially important for Mobile devices
3. Domain name on certificate (optional)
4. Subject Alternative Names supported by certificate (optional)

Current Version

Last Release Date

October 3, 2013

Compatible With

  • Nagios 1.x
  • Nagios 2.x
  • Nagios 3.x
  • Nagios XI

Owner

Hari Sekhon

Website

https://github.com/harisekhon/nagios-plugins

Download URL

https://github.com/harisekhon/nagios-plugins

Copy Page Link Recommend Login to Add to Favorites Login to Claim
Nagios CSP

Meet The New Nagios Core Services Platform

Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.

Download Now

Monitoring Made Magically Better

  • Nagios Core on Overdrive
  • Powerful Monitoring Dashboards
  • Time-Saving Configuration Wizards
  • Open Source Powered Monitoring On Steroids
  • And So Much More!
Project Notes
Part of the Advanced Nagios Plugins Collection, download it here: https://github.com/harisekhon/nagios-plugins ./check_ssl_cert.pl --help Nagios Plugin to check SSL Certificate Validity Checks: 1. Certificate Expiry in days 2. Chain of Trust 2a. Root CA certificate is trusted 2b. Any intermediate certificates are present, especially important for Mobile devices 3. Domain name on certificate (optional) 4. Subject Alternative Names supported by certificate (optional) usage: check_ssl_cert.pl [ options ] -H --host The host to check -P --port The port to check (defaults to port 443) -d --domain Expected domain of the certificate -s --subject-alternative-names Additional FQDNs to require on the certificate -w --warning The warning threshold in days before expiry (defaults to 30) -c --critical The critical threshold in days before expiry (defaults to 14) -N --no-validate Do not validate the SSL certificate chain -C --CApath Path to ssl root certs dir (will attempt to determine from openssl binary if not supplied) -h --help Print description and usage options -t --timeout Timeout in secs (default: 10) -v --verbose Verbose mode -V --version Print version and exit
Reviews (1) Add a Review
Needs to be tweaked for certificates that contain OIDs
by frnkblk, October 31, 2014
I had to tweak the script to handle certificates that contain OIDs.

Change:
my %h=grep /./,(split //([A-Za-z]+)=/,$subject);
to
my %h=grep /./,(split //([A-Za-z]+|[.d]+)=/,$subject);
Helpful?    
Report
Add a Review

You must be logged in to submit a review.

Thank you for your review!

Your review has been submitted and is pending approval.

Recommend

To:


From:


Thank you for your recommendation!

Your recommendation has been sent.

Page Sections
Project Overview Project Notes Reviews
Project Stats
Rating
4 (1)
Favorites
0
Views
771,531