I needed quite some time to figure out how to check certificate validity, but I am still not certain if this is correct. The goal is to be reminded 10 days before certificate expiration date.
As item I use SSH agent and foloowing command to get epoch time of certificate expiration date:
For trigger expression I use:
My question is if this is correct way to test validity of certificate. The documentation for fuzzytime just states that fuzzytime checks the difference between item timestamp value and Zabbix server timestamp. But what does this difference mean? Is server timestamp extracted from item timestamp or vice versa? Whill I get notification 10 days before the expiration date or 10 days after it? Are there any better ways to do this.
As item I use SSH agent and foloowing command to get epoch time of certificate expiration date:
Code:
date --date="$(openssl x509 -enddate -noout -in /root/mycert.pem | cut -d= -f 2)" +'%s'
Code:
{KDD:ssh.run[certificate_validity_item].fuzzytime(86400)} = 0
Comment