Solved

Can't get Icinga / Nagios SSL expire check to work

Posted on 2011-02-21
5
1,138 Views
Last Modified: 2013-11-18
I have seen the check working on a demo and see it in their man page but can't get it to work.

I have the default command defined.

# 'check_http' command definition
define command{
        command_name    check_http
        command_line    $USER1$/check_http -I $HOSTADDRESS$ $ARG1$
        }

I have created the service

define service{
        use                     local-service         ; Name of service template to use
        host_name               host
        service_description     description
            check_command                  check_http! -H www.domain.com -C 30
            }

When I do the check from the command line it works

/usr/local/icinga/libexec$ sudo ./check_http -H www.domain.com -C 30
OK - Certificate will expire on 03/05/2012 23:59.

But in Icinga (Nagios) it just says connection refused.

http://nagiosplugins.org/man/check_http
0
Comment
Question by:ThorinO
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 5

Accepted Solution

by:
group0 earned 500 total points
ID: 34965983
Your command definition results in a different execution than your CLI tests.  You can either drop "-I $HOSTADDRESS$" from your command definition to match your CLI test, or make sure the host definition that the service belongs to has a valid IP that responds on port 80 (ie. same IP that the FQDN resolves to).
0
 
LVL 10

Author Comment

by:ThorinO
ID: 34971204
I use this command to check stuff elsewhere, do you think I should remove the -I, change it to -H, or create a new command for SSL checking?
0
 
LVL 10

Author Comment

by:ThorinO
ID: 34971500
I created a check_ssl command and changed it to -H and that fixed the problem. Thank you.

Another question if you don't mind. I am trying to create another check for an external website as follows and it isn't working but works from the command line again.

# 'check_http_external' command definition
define command{
        command_name    check_http_external
        command_line    $USER1$/check_http -H $HOSTADDRESS$ $ARG1$
        }


define service{
        use                     local-service         ; Name of service template to use
        host_name               HOST
        service_description     DESCRIPTION
            check_command                  check_http_external! www.domain.com -u /whatever -w5 -c 10
            }
0
 
LVL 5

Assisted Solution

by:group0
group0 earned 500 total points
ID: 34972297
Your effective command resolves to (where x.x.x.x is the value of the address field for the associated host definition):

check_http -H x.x.x.x www.domain.com -u /whatever -w5 -c 10

Which isn't the correct syntax:

Usage: check_http -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]
       [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L]
       [-a auth] [-f <ok | warn | critcal | follow>] [-e <expect>]
       [-s string] [-l] [-r <regex> | -R <case-insensitive regex>] [-P string]
       [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>] [-A string] [-k string]


Try:

# 'check_http_external' command definition
define command{
        command_name    check_http_external
        command_line    $USER1$/check_http $ARG1$
        }


define service{
        use                     local-service         ; Name of service template to use
        host_name               HOST
        service_description     DESCRIPTION
            check_command                  check_http_external! -H www.domain.com -u /whatever -w 5 -c 10
            }
0
 
LVL 10

Author Closing Comment

by:ThorinO
ID: 34972643
Awesome, thanks you are the man!
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Preface This is the third article about the EE Collaborative Login Project. A Better Website Login System (http://www.experts-exchange.com/A_2902.html) introduces the Login System and shows how to implement a login page. The EE Collaborative Logi…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question