check_http Certificate Check configuration help

  • Hi All,


    I'm trying to use the "check_http" plugin to gather the certificate expiry times of various web sites.


    I have the service set up as follows:

    Code
    1. apply Service for (http_vhost => config in host.vars.http_vhosts) {
    2.   import "generic-service"
    3.   check_command = "http"
    4.   vars += config
    5. }

    And the host:


    Each vhost has a different certificate, so all need checking. However Icinga 2 is returning the certificate from Site 2 for all 3 sites.


    The documentation does say "This parameter explicitely sets the port to 443 and ignores the URL if passed." So how can I get it to check all 3 properly?


    Thanks in advance.

  • Hi,


    when the webserver serving more than one websites you need to set the http_vhost parameter.


    This is my config for a certificate check:

    Code
    1. vars.http_sites["https certificate site1.domain.local"] = {
    2.     http_address = "site1.domain.local"
    3.     http_vhost = "site1.domain.local"
    4.     http_uri = "/"
    5.     http_ssl = "true"
    6.     http_sni = "true"
    7.     http_certificate = "30,10"
    8. }
  • Thanks, works now.


    Only issue I have left is that I'm using basic http auth for one of the sites, so I have to put the credentials in the "http_auth_pair" variable. This is fine but it shows the credentials in plain text from within Icinga Web 2. Underneath the black is the credentials.