I don’t need it to do vulnerability scanning. I just want to know the basics like if the SSL cert doesn’t match the URL that is serving it up.
Curl already has to have a lot of that built in as it balks at the cert mismatch, maybe it can be leveraged somehow.
Scot Kreienkamp | Senior Systems Engineer | La-Z-Boy Corporate One La-Z-Boy Drive | Monroe, Michigan 48162 | Office: 734-384-6403 | | Mobile: 7349151444 | Email: Scot.Kreienkamp at la-z-boy.com
-----Original Message----- From: Xymon [mailto:xymon-bounces at xymon.com] On Behalf Of Mark Felder Sent: Tuesday, November 10, 2015 9:28 AM To: Markus Stoll, junidas GmbH <markus.stoll at junidas.de> Cc: xymon at xymon.com Subject: Re: [Xymon] SSL Certificate test failure
On Tue, Nov 10, 2015, at 04:24, Markus Stoll, junidas GmbH wrote:
Hi,
xymon would never be fast enough implementing checks against current ssl vulnerabilities
ssllabs does provide a webservice API for thorough SSL checking which can be accessed from xymon quite easily
I don't think anybody asked for this functionality. We're simply asking Xymon to be able to differentiate between a certificate with a valid chain of trust and one that is broken or self-signed.
-- Mark Felder feld at feld.me
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
This message is intended only for the individual or entity to which it is addressed. It may contain privileged, confidential information which is exempt from disclosure under applicable laws. If you are not the intended recipient, you are strictly prohibited from disseminating or distributing this information (other than to the intended recipient) or copying this information. If you have received this communication in error, please notify us immediately by e-mail or by telephone at the above number. Thank you.