Zabbix Monitoring SSL certificate of backend server behind a load balancer?
Hello,
I'm fan of zabbix product because it's really a wonderful monitoring system. But I'm newbie here and I've a question.
I'm monitoring 2 websites which act like backend servers behind a load balancer. So, I found out on Web Scenario that I could use the loadbalancer IP using {$HOST.LOADBALANCER_IP} as URL and a "Host:" "{$HOST_BACKEND_SERVER}" with the needed FQDN to check the individual backend-servers via HTTP correctly, and it is working.
However, I need to check if backend server SSL certificate has been expired or not. Helping with that, in "Web Scenario" -> "Authentication" tab, I've checked "SSL verify peer" checkbox option and this configuration is working for all HTTP services, except for this 2 backend servers (Because these of my 2 backend servers have SSL certificate expired and zabbix is returning 301 or 200 code as result instead of "SSL certificate problem: unable to get local issuer certificate").
On CLI when i execute this command: curl -v --resolve biblioteca.xxxxxx.pt:443:195.14.11.210 https://biblioteca.xxxxxx.pt, gives me this output: (SSL certificate problem: unable to get local issuer certificate), what i needed to obtain from zabbix.
I'm struggling with this problem and I don't know what i can't do.
What can i do for resolving that?
Thanks you!
I'm fan of zabbix product because it's really a wonderful monitoring system. But I'm newbie here and I've a question.
I'm monitoring 2 websites which act like backend servers behind a load balancer. So, I found out on Web Scenario that I could use the loadbalancer IP using {$HOST.LOADBALANCER_IP} as URL and a "Host:" "{$HOST_BACKEND_SERVER}" with the needed FQDN to check the individual backend-servers via HTTP correctly, and it is working.
However, I need to check if backend server SSL certificate has been expired or not. Helping with that, in "Web Scenario" -> "Authentication" tab, I've checked "SSL verify peer" checkbox option and this configuration is working for all HTTP services, except for this 2 backend servers (Because these of my 2 backend servers have SSL certificate expired and zabbix is returning 301 or 200 code as result instead of "SSL certificate problem: unable to get local issuer certificate").
On CLI when i execute this command: curl -v --resolve biblioteca.xxxxxx.pt:443:195.14.11.210 https://biblioteca.xxxxxx.pt, gives me this output: (SSL certificate problem: unable to get local issuer certificate), what i needed to obtain from zabbix.
I'm struggling with this problem and I don't know what i can't do.
What can i do for resolving that?
Thanks you!