Solved

Can't get Icinga / Nagios SSL expire check to work

Posted on 2011-02-21
5
1,122 Views
Last Modified: 2013-11-18
I have seen the check working on a demo and see it in their man page but can't get it to work.

I have the default command defined.

# 'check_http' command definition
define command{
        command_name    check_http
        command_line    $USER1$/check_http -I $HOSTADDRESS$ $ARG1$
        }

I have created the service

define service{
        use                     local-service         ; Name of service template to use
        host_name               host
        service_description     description
            check_command                  check_http! -H www.domain.com -C 30
            }

When I do the check from the command line it works

/usr/local/icinga/libexec$ sudo ./check_http -H www.domain.com -C 30
OK - Certificate will expire on 03/05/2012 23:59.

But in Icinga (Nagios) it just says connection refused.

http://nagiosplugins.org/man/check_http
0
Comment
Question by:ThorinO
  • 3
  • 2
5 Comments
 
LVL 5

Accepted Solution

by:
group0 earned 500 total points
ID: 34965983
Your command definition results in a different execution than your CLI tests.  You can either drop "-I $HOSTADDRESS$" from your command definition to match your CLI test, or make sure the host definition that the service belongs to has a valid IP that responds on port 80 (ie. same IP that the FQDN resolves to).
0
 
LVL 10

Author Comment

by:ThorinO
ID: 34971204
I use this command to check stuff elsewhere, do you think I should remove the -I, change it to -H, or create a new command for SSL checking?
0
 
LVL 10

Author Comment

by:ThorinO
ID: 34971500
I created a check_ssl command and changed it to -H and that fixed the problem. Thank you.

Another question if you don't mind. I am trying to create another check for an external website as follows and it isn't working but works from the command line again.

# 'check_http_external' command definition
define command{
        command_name    check_http_external
        command_line    $USER1$/check_http -H $HOSTADDRESS$ $ARG1$
        }


define service{
        use                     local-service         ; Name of service template to use
        host_name               HOST
        service_description     DESCRIPTION
            check_command                  check_http_external! www.domain.com -u /whatever -w5 -c 10
            }
0
 
LVL 5

Assisted Solution

by:group0
group0 earned 500 total points
ID: 34972297
Your effective command resolves to (where x.x.x.x is the value of the address field for the associated host definition):

check_http -H x.x.x.x www.domain.com -u /whatever -w5 -c 10

Which isn't the correct syntax:

Usage: check_http -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]
       [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L]
       [-a auth] [-f <ok | warn | critcal | follow>] [-e <expect>]
       [-s string] [-l] [-r <regex> | -R <case-insensitive regex>] [-P string]
       [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>] [-A string] [-k string]


Try:

# 'check_http_external' command definition
define command{
        command_name    check_http_external
        command_line    $USER1$/check_http $ARG1$
        }


define service{
        use                     local-service         ; Name of service template to use
        host_name               HOST
        service_description     DESCRIPTION
            check_command                  check_http_external! -H www.domain.com -u /whatever -w 5 -c 10
            }
0
 
LVL 10

Author Closing Comment

by:ThorinO
ID: 34972643
Awesome, thanks you are the man!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Styling your websites can become very complex. Here I'll show how SASS can help you better organize, maintain and reuse your CSS code.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
The viewer will learn the benefit of using external CSS files and the relationship between class and ID selectors. Create your external css file by saving it as style.css then set up your style tags: (CODE) Reference the nav tag and set your prop…
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now