On 11/2/2016 8:22 PM, David Baldwin wrote:
Martin,
There is an option for xymonnet to enable SNI - here's my tasks.cfg snippet - see man xymonnet
[xymonnet] ENVFILE /home/xymon/server/etc/xymonserver-net.cfg NEEDS xymond CMD xymonnet --report --ping --checkresponse --bb-proxy-syntax --sni=on --timeout=20 --sslkeysize=2048 LOGFILE $XYMONSERVERLOGS/xymonnet.log INTERVAL 5m
SNI can also be enabled per-host. See the man page for hosts.cfg:
sni nosni Enables or disables use of SNI (Server Name Indication) for SSL tests. Some SSL implementations cannot handle SSL handshakes with SNI data, so Xymon by default does not use SNI. This default can be changed with the "--sni" option for xymonnet(1) but can also be managed per host with these tags. SNI support was added in Xymon 4.3.13, where the default was to use SNI. This was changed in 4.3.14 so SNI support is disabled by default, and the "sni" and "nosni" tags were introduced together with the "--sni" option for xymonnet.
-- Do things because you should, not just because you can.
John Thurston 907-465-8591 John.Thurston at alaska.gov Enterprise Technology Services Department of Administration State of Alaska