Ad Widget

**[email protected]** · 2026-04-02T08:17:15+00:00

That template isnt made for that kind of checks. It can only verify the certificate specified in the macros and on the port specified.
I made my own cert check for internal certificates instead. In powershell.

Code:

param(
    [string]$CertSubject = "Litigation-Automation"
)

# Get the newest matching certificate from LocalMachine\My
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Subject -like "*$CertSubject*" } |
    Sort-Object NotAfter -Descending |
    Select-Object -First 1

if ($null -eq $cert) {
    Write-Output "-1"  # No certificate found
    exit 1
}

# Calculate days until expiration
$daysRemaining = (New-TimeSpan -Start (Get-Date) -End $cert.NotAfter).Days
Write-Output $daysRemaining

And you need to change the path Cert:\LocalMachine\My and the $CertSubject = "Litigation-Automation" to your own of course.

Then create a new item - Change the key to your own.

Edit the agents config file

Code:

UserParameter=cert.expiry[*],powershell -NoProfile -ExecutionPolicy Bypass -File "C:\Scripts\Zabbix\Certificate\MonitorCertificate. ps1" -CertSubject "$1"

and dont forget to put the script in the right folder.

Last make a trigger with the following expression

Code:

(last(/YourHostsName/cert.expiry[Litigation-Automation])<30)
or
(last(/YourHostsName/cert.expiry[Litigation-Automation])=0)

Then its just rinse and repeat for any cert you want to monitor.

Ad Widget

Website certificate by Zabbix agent 2

Website certificate by Zabbix agent 2

Comment