Skip to main content

Raymii.org Logo (IEC resistor symbol) logo

Quis custodiet ipsos custodes?
Home | About | All pages | RSS Feed | Gopher

Nagios plugin to check certificates on local file system

Published: 24-09-2012 | Author: Remy van Elst | Text only version of this article


Table of Contents


This tutorial will show you how you can use the nagios plugin "check ssl cert" to monitor locally stored SSL certificates.

If you like this article, consider sponsoring me by trying out a Digital Ocean VPS. With this link you'll get $100 credit for 60 days). (referral link)

Installing the nagios-plugin

The plugin needs the expect program to be installed on the hosts which will check their certificates.

Install it with the following command:

sudo apt-get install expect

Now install the plugin:

sudo wget -O /etc/nagios-plugins/check_ssl_cert --no-check-certificate https://trac.id.ethz.ch/projects/nagios_plugins/export/1315/check_ssl_cert/check_ssl_cert

Also, make it executable:

sudo chmod +x /etc/nagios-plugins/check_ssl_cert

Setting up the host

On the nagios client where the certificates are, you have to edit the NRPE config to do the checks locally

vim /etc/nagios/nrpe_local.cfg

Add:

command[check_local_ssl]=/etc/nagios-plugins/check_ssl_cert -H localhost -f /home/so_ad/7days.pem -c 30
command[check_local_ssl]=/etc/nagios-plugins/check_ssl_cert -H localhost -f /home/so_ad/7days.pem -c 5    

Setting up the nagios server

I have the hostgroup nodes defined, and in my nagios config file I add the following service:

vim /etc/nagios3/conf.d/services-hostgroups.cfg
Tags: certificates , monitoring , nagios , openssl , software