hi all ,
i build my own template before i found the zbx template on git for this plugin to check details of the cert on ssl connection.
in general it works fine as i am looking mainly for "not_after":{"value":"Sep .... value
i have found some inconsistency in the field / value "result":{"value":"invalid" of the json.
we run wildcards on some servers , to these are all the same certs. checking the "serial_number" is the same , string for "issuer" is the same.
nevertheless at some host , presenting the cert, zabbix will result into "result":{"value":"invalid","message":"failed to verify certificate: x509: certificate signed by unknown authority"},
other host have a result of valid ...
any idea why ?
does the plugin consider any timout settings (of the agent config ??? )
which CA stores are considered during the evaluation of the cert ? OS of the client ? Static ones compiled into the plugin ?
thx
i build my own template before i found the zbx template on git for this plugin to check details of the cert on ssl connection.
in general it works fine as i am looking mainly for "not_after":{"value":"Sep .... value
i have found some inconsistency in the field / value "result":{"value":"invalid" of the json.
we run wildcards on some servers , to these are all the same certs. checking the "serial_number" is the same , string for "issuer" is the same.
nevertheless at some host , presenting the cert, zabbix will result into "result":{"value":"invalid","message":"failed to verify certificate: x509: certificate signed by unknown authority"},
other host have a result of valid ...
any idea why ?
does the plugin consider any timout settings (of the agent config ??? )
which CA stores are considered during the evaluation of the cert ? OS of the client ? Static ones compiled into the plugin ?
thx