You are viewing a plain text version of this content. The canonical link for it is here.

Posted to infrastructure-issues@apache.org by "#asfinfra IRC Bot (Commented) (JIRA)" <ji...@apache.org> on 2011/12/31 01:39:30 UTC

[jira] [Commented] (INFRA-4263) have nagios alert if SSL certs are about to expire on any monitored apache.org hosts

    [ https://issues.apache.org/jira/browse/INFRA-4263?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13177855#comment-13177855 ] 

#asfinfra IRC Bot commented on INFRA-4263:
------------------------------------------

<danielsh`> ea@ will remind us of certificate expirations --- this has already been requested/implemented

                
> have nagios alert if SSL certs are about to expire on any monitored apache.org hosts
> ------------------------------------------------------------------------------------
>
>                 Key: INFRA-4263
>                 URL: https://issues.apache.org/jira/browse/INFRA-4263
>             Project: Infrastructure
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: Nagios
>            Reporter: Hoss Man
>
> The SSL cert for issues.apache.org expired earlier today. in response to an inquire on #asfinfra, it was noted that the new certificate was already available and had been installed on many machines last week, but evidently some were overlooked.
> Although i am not very knowledgeable about nagios, it occurred to me that this is probably a situation that could easily be monitored & alerted if/when the situation arises again in the future.
> cursory googling suggests that there are nagios plugins explicitly for testing pending SSL expiration, but if we are already using the "check_http" nagios plugin (not sure how to find out, but it seems generic enough that we probably are, and if not: probably should) then there is a "-C <age>" option that can be used for this
> Using check_http...
> http://blog.bashton.com/2010/quick-tip-check-ssl-certificate-life-in-nagios/
> Alternate plugin options...
> http://exchange.nagios.org/directory/Plugins/Network-Protocols/HTTP/check_ssl_certificate/details
> http://exchange.nagios.org/directory/Plugins/Network-Protocols/HTTP/check_ssl_cert_alternative/details

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira