On Tue, November 26, 2013 7:31 am, Novosielski, Ryan wrote:
Hi all,
Is there a way to check an SSL service without caring if the cert is expired? I realize this may be an odd thing to want to do, but apparently in the application that it's being used the cert does not need to be current, just otherwise functioning to provide SSL (the real service is in front of a load balancer or something that doesn't care). Is there a way to make a cert expiration not cause the test to go red without playing with the source code?
From the crazy-enough-it-might-just-work dept:
I don't see anything in the source that wouldn't take --sslalarm as a signed int, but I don't have an expired cert lying around to test at the moment. Have you tried something like --sslalarm=-9999 in xymonnet's command line?
HTH,
-jc