check_http Certificate Check configuration help

This forum was archived to /woltlab and is now in read-only mode. Please register a new account on our new community platform.

You can create a thread on the new site and link to an archived thread. This archive is available as knowledge base, safe and secured.

More details here.
  • Hi All,

    I'm trying to use the "check_http" plugin to gather the certificate expiry times of various web sites.

    I have the service set up as follows:

    1. apply Service for (http_vhost => config in host.vars.http_vhosts) {
    2.   import "generic-service"
    3.   check_command = "http"
    4.   vars += config
    5. }

    And the host:

    Each vhost has a different certificate, so all need checking. However Icinga 2 is returning the certificate from Site 2 for all 3 sites.

    The documentation does say "This parameter explicitely sets the port to 443 and ignores the URL if passed." So how can I get it to check all 3 properly?

    Thanks in advance.

  • Hi,

    when the webserver serving more than one websites you need to set the http_vhost parameter.

    This is my config for a certificate check:

    1. vars.http_sites["https certificate site1.domain.local"] = {
    2.     http_address = "site1.domain.local"
    3.     http_vhost = "site1.domain.local"
    4.     http_uri = "/"
    5.     http_ssl = "true"
    6.     http_sni = "true"
    7.     http_certificate = "30,10"
    8. }
  • Thanks, works now.

    Only issue I have left is that I'm using basic http auth for one of the sites, so I have to put the credentials in the "http_auth_pair" variable. This is fine but it shows the credentials in plain text from within Icinga Web 2. Underneath the black is the credentials.