Would something like this not work:
group HTTP 0.0.0.0 host1.example.com # https://host1.example.com 0.0.0.0 host2.example.com # https://host2.example.com ...
=G=
From: Xymon [xymon-bounces at xymon.com] on behalf of Ralph Mitchell [ralphmitchell at gmail.com] Sent: Tuesday, August 06, 2013 3:38 PM To: John D. Alexander Cc: xymon at xymon.com Subject: Re: [Xymon] SSL Certs on servers with multiple virtualhosts
I have a script that fakes the xymonnet http & sslcert columns. I'll post it to the list this evening when I get home from work.
Ralph Mitchell
On Tue, Aug 6, 2013 at 2:32 PM, John D. Alexander <JAlexander at feeneywireless.com<mailto:JAlexander at feeneywireless.com>> wrote:
I’m running Xymon 4.3.12 on CentOS 6.4 and monitoring a number of Apache web servers that each have multiple SSL VirtualHosts.
Xymon appears to be using the openssl s_client utility to check server certificates and since s_client is not SNI compliant, it only picks up the certificate of the first VirtualHost. All other VirtualHosts are reported having the same certificate.
Does anyone know of a workaround (perhaps using curl) to validate SSL certificates and track expiration dates of those certificates?
Thanks much.
John Alexander Network Administrator
Xymon mailing list Xymon at xymon.com<mailto:Xymon at xymon.com> http://lists.xymon.com/mailman/listinfo/xymon