Skip to main content

Nagios plugin to check certificates on local file system

24-09-2012 | Remy van Elst | Text only version of this article


Table of Contents


This tutorial will show you how you can use the nagios plugin "checksslcert" to monitor locally stored SSL certificates.

Installing the nagios-plugin

The plugin needs the expect program to be installed on the hosts which will check their certificates.

Install it with the following command:

sudo apt-get install expect

Now install the plugin:

sudo wget -O /etc/nagios-plugins/check_ssl_cert --no-check-certificate https://trac.id.ethz.ch/projects/nagios_plugins/export/1315/check_ssl_cert/check_ssl_cert

Also, make it executable:

sudo chmod +x /etc/nagios-plugins/check_ssl_cert

Setting up the host

On the nagios client where the certificates are, you have to edit the NRPE config to do the checks locally

vim /etc/nagios/nrpe_local.cfg

Add:

command[check_local_ssl]=/etc/nagios-plugins/check_ssl_cert -H localhost -f /home/so_ad/7days.pem -c 30
command[check_local_ssl]=/etc/nagios-plugins/check_ssl_cert -H localhost -f /home/so_ad/7days.pem -c 5    

Setting up the nagios server

I have the hostgroup nodes defined, and in my nagios config file I add the following service:

vim /etc/nagios3/conf.d/services-hostgroups.cfg

Tags: certificates  monitoring  nagios  openssl  software