Nagios plugin to check certificates on local file system

24-09-2012 | Remy van Elst

Table of Contents

This tutorial will show you how you can use the nagios plugin "checksslcert" to monitor locally stored SSL certificates.

Installing the nagios-plugin

The plugin needs the expect program to be installed on the hosts which will check their certificates.

Install it with the following command:

sudo apt-get install expect

Now install the plugin:

sudo wget -O /etc/nagios-plugins/check_ssl_cert --no-check-certificate

Also, make it executable:

sudo chmod +x /etc/nagios-plugins/check_ssl_cert

Setting up the host

On the nagios client where the certificates are, you have to edit the NRPE config to do the checks locally

vim /etc/nagios/nrpe_local.cfg


command[check_local_ssl]=/etc/nagios-plugins/check_ssl_cert -H localhost -f /home/so_ad/7days.pem -c 30
command[check_local_ssl]=/etc/nagios-plugins/check_ssl_cert -H localhost -f /home/so_ad/7days.pem -c 5    

Setting up the nagios server

I have the hostgroup nodes defined, and in my nagios config file I add the following service:

vim /etc/nagios3/conf.d/services-hostgroups.cfg

Tags: certificates  monitoring  nagios  openssl  software