Grant
I'd be surprised if you couldn't use https://<IP>:3389/ and get some kind of useful result.
You can use the "ssl" keyword in protocols.cfg and that checks the certificate. Something like this:
[rdps] port 3389 options ssl send "QUIT\r\n"
The "send" line is not necessary, but it lets the RDP endpoint close the session, and might avoid error logs being added to the event logs.
J
On Thu, 26 Sept 2024 at 07:22, Grant Taylor via Xymon <xymon@xymon.com> wrote:
Hi,
How do I have Xymon monitor the TLS cert used by RDP?
I can easily get the cert using the following commands:
openssl s_client -connect <IP>:3389 < /dev/null |& openssl x509-noout -startdate -enddate
I'd like to apply the same type of logic to RDP that the HTTPS tests use for certificate expiration warning / critical.
I skimmed the hosts.cfg manual and didn't find a way to monitor TLS for arbitrary ports.
I also don't think that the static [rdp] entry in protocols.cfg can be extended to monitor dynamic TLS information.
Any guidance would be appreciated.
-- Grant. . . . unix || die
Xymon mailing list -- xymon@xymon.com To unsubscribe send an email to xymon-leave@xymon.com