Raymii.orgQuis custodiet ipsos custodes?
Home | About | All pages | Cluster Status | RSS Feed | Gopher
Nagios plugin to check certificates on local file system
Published: 24-09-2012 | Author: Remy van Elst | Text only version of this article
❗ This post is over ten years old. It may no longer be up to date. Opinions may have changed.
Table of Contents
This tutorial will show you how you can use the nagios plugin "check ssl cert" to monitor locally stored SSL certificates.
Recently I removed all Google Ads from this site due to their invasive tracking, as well as Google Analytics. Please, if you found this content useful, consider a small donation using any of the options below:
I'm developing an open source monitoring app called Leaf Node Monitoring, for windows, linux & android. Go check it out!
Consider sponsoring me on Github. It means the world to me if you show your appreciation and you'll help pay the server costs.
You can also sponsor me by getting a Digital Ocean VPS. With this referral link you'll get $100 credit for 60 days.
Installing the nagios-plugin
The plugin needs the expect program to be installed on the hosts which will check their certificates.
Install it with the following command:
sudo apt-get install expect
Now install the plugin:
sudo wget -O /etc/nagios-plugins/check_ssl_cert --no-check-certificate https://trac.id.ethz.ch/projects/nagios_plugins/export/1315/check_ssl_cert/check_ssl_cert
Also, make it executable:
sudo chmod +x /etc/nagios-plugins/check_ssl_cert
Setting up the host
On the nagios client where the certificates are, you have to edit the NRPE config to do the checks locally
command[check_local_ssl]=/etc/nagios-plugins/check_ssl_cert -H localhost -f /home/so_ad/7days.pem -c 30 command[check_local_ssl]=/etc/nagios-plugins/check_ssl_cert -H localhost -f /home/so_ad/7days.pem -c 5
Setting up the nagios server
I have the hostgroup nodes defined, and in my nagios config file I add the following service:
Tags: certificates , monitoring , nagios , openssl , software