Hi,
xymon would never be fast enough implementing checks against current ssl vulnerabilities
ssllabs does provide a webservice API for thorough SSL checking which can be accessed from xymon quite easily
Markus
Am 09.11.2015 um 22:24 schrieb Mark Felder <feld at feld.me>: On Mon, Nov 9, 2015, at 15:18, Scot Kreienkamp wrote:
Hi there,
I am testing a site in Xymon that is testing OK, but throws an SSL error in the browser. Wondering why that was, I looked at the certificate for the site... it doesn't match the domain name of the site that's serving it, which causes the browser to display an SSL error. I was expecting Xymon to do the same. Apparently Xymon doesn't check to make sure the certificate matches the URL.
Xymon doesn't check the chain of trust or validate the hostname of the certificate. It will gladly tell you if it expires, though :)
It would be nice to teach Xymon to validate the certificate more thoroughly.
-- Mark Felder feld at feld.me
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
-- Dr. Markus Stoll (Geschäftsführer) markus.stoll at junidas.de GPG: 8F8C 4A15 F3F4 F2A6 9D0E 5FCC 95D7 F6A7 662C 8C83 Peerio: 2Bc2qPRLJo8tgZXzH3sPTXg6HU5JsEthNdjrC8Y2F9kZ7z miniLock: mUZgLgha4Ymex8cP15qXHjKYpt5g3dVzBo4sUEnqWjNbh
junidas GmbH, Aixheimer Str. 12, 70619 Stuttgart Tel. +49 (711) 4599799-11, Fax +49 (711) 4599799-10 Geschäftsführer: Dr. Markus Stoll, Matthias Zepf Amtsgericht Stuttgart, HRB 21939