Hello,
Since we have upgraded from Monit 5.20.0 to 5.27.0 with have an issue with
certificate verification.
It seems broken as it cannot maanged to retrieve the certificate expiration
and it warn about a self signed certificate when it is not the case.
We are using the linux-x64 binary version from the website.
We have two rules:
------------------------------------------
if failed port 443 protocol https with ssl options {verify: enable} and
certificate valid > 10 days for 5 cycles then alert
if failed port 443 protocol https request "/" with content ="xxxxxxx" for 5
cycles then alert
-------------------------------------------
We tried to change the part "with ssl options {verify: enable}" to "with
ssl options {selfsigned: allow}" without any success.
Also regarding the documentation enhancement, we had to put the part "with
ssl options {selfsigned: allow}" after the part 'request "/" with content
="xxxxxxx"' else Monit configuration syntax was failing. It would be good
to provide a sample in documentation.
In the global configuration file, the ssl setting was set to
set ssl {
verify : enable,
}
We tried to add the new parameter "version" but it doesn't solved the issue.
set ssl {
version: auto,
verify : enable,
}
Could anyone provide some guidance for this case ?
Best Regards.
