On Thu, 27 Feb 2020, Christian Kujau wrote:
> On Thu, 27 Feb 2020, Dave Compton wrote:
> > I suggest adding an option to check_http to set the maximum validity time
> > of the certificate. My C is rather rusty but I'd be happy to try and hack
>
> Isn't this already accomplished with the (uppercase) -C option?
Oh, now I get it, I think - you want to be alarmed if a certificate is
valid for too long. OK, short of adding another option to check_{http,tcp}
there's always "negate":
----------------------------
$ plugins/negate `pwd`/plugins/check_http -H localhost -p 8443 -C 401,400
OK - Certificate 'localhost' will expire on Mon Jul 12 02:28:26 2021 +0000.
$ echo $?
2
$ plugins/negate `pwd`/plugins/check_http -H example.org -S -C 401,400
CRITICAL - Certificate 'example.org' expires in 47 day(s) (Wed Apr 15 06:48:11
2020 +0000).
$ echo $?
0
----------------------------
Will that work for checking for "maximum validity time"?
Christian.
--
BOFH excuse #26:
first Saturday after first full moon in Winter
