www-infrastructure-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "#asfinfra IRC Bot (Closed) (JIRA)" <j...@apache.org>
Subject [jira] [Closed] (INFRA-4263) have nagios alert if SSL certs are about to expire on any monitored apache.org hosts
Date Sat, 31 Dec 2011 00:39:30 GMT

     [ https://issues.apache.org/jira/browse/INFRA-4263?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

#asfinfra IRC Bot closed INFRA-4263.

    Resolution: Fixed
> have nagios alert if SSL certs are about to expire on any monitored apache.org hosts
> ------------------------------------------------------------------------------------
>                 Key: INFRA-4263
>                 URL: https://issues.apache.org/jira/browse/INFRA-4263
>             Project: Infrastructure
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: Nagios
>            Reporter: Hoss Man
> The SSL cert for issues.apache.org expired earlier today. in response to an inquire on
#asfinfra, it was noted that the new certificate was already available and had been installed
on many machines last week, but evidently some were overlooked.
> Although i am not very knowledgeable about nagios, it occurred to me that this is probably
a situation that could easily be monitored & alerted if/when the situation arises again
in the future.
> cursory googling suggests that there are nagios plugins explicitly for testing pending
SSL expiration, but if we are already using the "check_http" nagios plugin (not sure how to
find out, but it seems generic enough that we probably are, and if not: probably should) then
there is a "-C <age>" option that can be used for this
> Using check_http...
> http://blog.bashton.com/2010/quick-tip-check-ssl-certificate-life-in-nagios/
> Alternate plugin options...
> http://exchange.nagios.org/directory/Plugins/Network-Protocols/HTTP/check_ssl_certificate/details
> http://exchange.nagios.org/directory/Plugins/Network-Protocols/HTTP/check_ssl_cert_alternative/details

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message