9 Jan
2018
9 Jan
'18
4:49 p.m.
After trial and error: This is what worked:
https://www.thesweetbasket.com/en/ sni
On 1/9/18 11:41, SebA wrote:
Your Windows machine + Chrome is using SNI.
On 9 January 2018 at 16:25, Josh Luthman <josh at imaginenetworksllc.com <mailto:josh at imaginenetworksllc.com>> wrote:
My Windows machine + Chrome believes that certificate is good until 2019... https://i.imgur.com/JiSHntT.png <https://i.imgur.com/JiSHntT.png> Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St <https://maps.google.com/?q=1100+Wayne+St+Suite+1337+Troy,+OH+45373&entry=gmail&source=g> Suite 1337 <https://maps.google.com/?q=1100+Wayne+St+Suite+1337+Troy,+OH+45373&entry=gmail&source=g> Troy, OH 45373 <https://maps.google.com/?q=1100+Wayne+St+Suite+1337+Troy,+OH+45373&entry=gmail&source=g> On Tue, Jan 9, 2018 at 11:19 AM, SebA <spah at syntec.co.uk <mailto:spah at syntec.co.uk>> wrote: Hi Frank, Xymon has picked up the certificate that is on https://66.159.47.82/ the IP address that www.thesweetbasket.com <http://www.thesweetbasket.com> resolves to. That certificate has indeed expired. However, to get Xymon to test the certificate you are actually using, you need to enable sni. Search for sni in the man page here: http://xymon.sourceforge.net/xymon/help/manpages/man5/hosts.cfg.5.html <http://xymon.sourceforge.net/xymon/help/manpages/man5/hosts.cfg.5.html> But, the short answer is you can probably just add the sni tag to your host in hosts.cfg. Kind regards, SebA On 9 January 2018 at 16:06, Frank <ve2cii at canasoft.net <mailto:ve2cii at canasoft.net>> wrote: Hi, This is for the sslcert service: I have xymon monitoring a web site where the certificate has been changed twice over the past 2 years. And it is currently up to date. What xymon is showing for the dates of the certificate are wrong. Is there a way to fix this so it shows the correct certificate and not an old one? start date: 2014-12-02 19:29:50 GMT expire date:2015-04-01 19:29:50 GMT Tue Jan 9 10:58:46 2018 red SSL certificate for https://www.thesweetbasket.com/en/ <https://www.thesweetbasket.com/en/> expired 1013 days ago Server certificate: subject:/C=CA/ST=Que/L=Montreal/O=Cronomagic/OU=Web/CN=serv1.thesweetbasket.com/emailAddress=frank at canasoft.net <mailto:subject:/C=CA/ST=Que/L=Montreal/O=Cronomagic/OU=Web/CN=serv1.thesweetbasket.com/emailAddress=frank at canasoft.net> start date: 2014-12-02 19:29:50 GMT expire date:2015-04-01 19:29:50 GMT key size:1024 issuer:/C=CA/ST=Que/L=Montreal/O=Cronomagic/OU=Web/CN=serv1.thesweetbasket.com/emailAddress=frank at canasoft.net <mailto:issuer:/C=CA/ST=Que/L=Montreal/O=Cronomagic/OU=Web/CN=serv1.thesweetbasket.com/emailAddress=frank at canasoft.net> signature algorithm: sha256WithRSAEncryption Cipher used: ECDHE-RSA-AES256-GCM-SHA384 (256 bits) -- sysadmcronomagic.com/gemstelecom.com <http://cronomagic.com/gemstelecom.com> e-mailve2cii at canasoft.net <mailto:ve2cii at canasoft.net> POWERED BY LINUX _______________________________________________ Xymon mailing list Xymon at xymon.com <mailto:Xymon at xymon.com> http://lists.xymon.com/mailman/listinfo/xymon <http://lists.xymon.com/mailman/listinfo/xymon> _______________________________________________ Xymon mailing list Xymon at xymon.com <mailto:Xymon at xymon.com> http://lists.xymon.com/mailman/listinfo/xymon <http://lists.xymon.com/mailman/listinfo/xymon>
--
sysadm cronomagic.com/gemstelecom.com e-mail ve2cii at canasoft.net
POWERED BY LINUX