It would be easy to write a script to capture this but it would be better if Xymon were able to do this since it already manages these basic services through explicit ssl. I poked a bit in the code but I don't see where it's really trying to manage this. While I am not strong in the ways of C, I'd be willing to see if it's within my limited capabilities to extend what is already there. It's essentially the same test just with different options since xymonnet is already using the openssl libs (I'm sure I'm oversimplifying).
=G=
From: Xymon <xymon-bounces at xymon.com> on behalf of John Thurston <john.thurston at alaska.gov> Sent: Friday, December 18, 2015 1:27 PM To: xymon at xymon.com Subject: Re: [Xymon] ftps tests
On 12/18/2015 9:19 AM, Galen Johnson wrote:
- snip -
Any thoughts on how we might be able to integrate this?
Well, I was able to get it to connect using
/openssl s_client -starttls ftp -crlf -connect remote.host:21/
We pull the cert from our ftps servers with an EXT script we created back in Big Brother days (before cert expiration checking was native in bb/xymonnet). Our script uses openssl s_client and option-in "-starttls ftp" when we ask for certs from a predefined list of ports.
-- Do things because you should, not just because you can.
John Thurston 907-465-8591 John.Thurston at alaska.gov Enterprise Technology Services Department of Administration State of Alaska
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon