Ad Widget

Collapse

Chec SSL Certificares: How to deal with multiple subdomains on a simple host

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • RedNano
    Junior Member
    • Apr 2017
    • 7
    #1

    Chec SSL Certificares: How to deal with multiple subdomains on a simple host

    Well, I've used this script as base
    Zabbix Integrations and Templates
    https://share.zabbix.com/cat-app/web-servers/ssl-certificates-check-4-4
    The Zabbix Team has collected all official Zabbix monitoring templates and integrations.

    Corrected a failure in which some cases the script would output a sed error.
    Anywho..... I have a host with a single apache server but multiple virtual hosts, each of them with their own certificate.

    The only way I found to check more than one of those domains was to create "fake" hosts, pointing at 127.0.0.1, adding this check and configuring a macro with {$SNI} with the different domains.

    Is this the best way to do so?
    Does anyone have any suggestion on how to do this better?

    Thanks!!!
    Tags: None
    • keitht
      Junior Member
      • Feb 2021
      • 12
      #2
      Did you find a solution or workaround for this? I'm in the same situation.

        Comment

        • Hamardaban
          Senior Member
          Zabbix Certified SpecialistZabbix Certified Professional
          • May 2019
          • 2713
          #3
          you can use LLD for grab all subdomain

          key —> ssl.discovery[{$SSLPORT}]

          UserParameter=ssl.discovery[*],/bin/echo -n '{"data":['; for ipaddress in $(/usr/bin/sockstat -4l | /usr/bin/grep :$1 | /usr/bin/grep -v "127.0.0.1" | /usr/bin/cut -w -f 6 | /usr/bin/cut -d ":" -f 1 | /usr/bin/sort | /usr/bin/uniq); do /bin/echo -n "{"{#IPADRESS}":"$ipaddress"},"; done | /usr/bin/sed -e 's:,$::'; /bin/echo -n ']}'

          and ltemprototype external check ssl_valid.sh[{#IPADRESS}]

          #!/bin/sh
          #Prepared by Marcin 'szremo' Szremski'
          #setenv LC_ALL en_GB.UTF-8
          LC_ALL=en_GB.UTF-8
          export LC_ALL

          SSL_DATE=$(echo | /usr/local/bin/openssl s_client -servername $1 -connect $1:443 2>/dev/null | /usr/local/bin/openssl x509 -noout -dates | /usr/bin/grep notAfter | /usr/bin/awk -F = '{ print $2 }' | /usr/bin/awk 'BEGIN {OFS = "-"} {print $1,$2,$4}')
          #echo $SSL_DATE
          EXPTIME=$(/bin/date -j -f "%b-%d-%Y" $SSL_DATE +%s)
          #echo $EXPTIME
          TODAY=$(/bin/date +"%b-%d-%Y")
          #echo $TODAY
          CURRENT=$(/bin/date -j -f "%b-%d-%Y" $TODAY +%s)
          #echo $CURRENT
          LC_ALL=ru_RU.UTF-8
          export LC_ALL
          NUM=$(($EXPTIME - $CURRENT))
          RESULT=$(($NUM/86400))
          echo $RESULT

            Comment

            Previous template Next
            Working...