monitors:sslname.sh


Differences

This shows you the differences between two versions of the page.

monitors:sslname.sh [2015/11/10 03:55] – Updated to v2 - hobbit -> xymon and allow modify of existing test jccleaver
monitors:sslname.sh [2019/08/28 08:24] (current) – [Description] antivirusnoeron
Line 1: Line 1:
 ====== SSL certificate name match monitor ====== ====== SSL certificate name match monitor ======
  
-^ Author | [[ jcleaver@soe.sony.com jccleaver ]] |+^ Author | [[ cleaver-xymon@terabithia.org Japheth Cleaver ]] |
 ^ Compatibility | Xymon 4.2.3 | ^ Compatibility | Xymon 4.2.3 |
 ^ Requirements | perl, unix | ^ Requirements | perl, unix |
 ^ Download | None | ^ Download | None |
-^ Last Update | 2010-08-02 |+^ Last Update | 2015-11-09 |
  
-===== Description ===== +Antivirus-Norton Internet Security is a security software product from Symantec. Packed with features to protect your PC from all kinds of online threats and the main programs in this award-winning software are antivirus, anti-spyware, firewall and antispam protection. Download Norton antivirus from . 
- +[[http://antivirus-norton.com|norton.com/setup]] 
-Originating thread here: http://www.xymon.com/archive/2010/06/msg00148.html +Author:John Smith0, a creative person who puts his skills in Technical writing by making everything easier for readers to understand the complexity of any tech related issue.  Many popular e-magazines have released his articles. He has also been writing to people’s query related to technology like office.com/setupMcAfee, Norton and many more. 
- +[[https://d-mcafee.com/|mcafee.com/activate]] | [[https://iamcafee.com/|mcafee.com/activate]] | [[https://bitstamp.help-desk-number.com/bitstamp-login/| bitstamp login]]
-A small script that checks "sslcert" tests and tries to verify that the common name ("CN=") in the resulting ssl certificate matches the URL that we tried to reach (eg, https://secure.example.com/) It reports the status under a new test name, "sslname"Wildcard certificates are taken into account, since we're matching using extended grep.+
  
 ===== Installation ===== ===== Installation =====
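Review bot: the replacement for the Description section is unrelated promotional text with outbound links (norton.com/setup, mcafee.com/activate, bitstamp login) and says nothing about sslname.sh. It also deletes the only explanation of what the monitor checks (the "CN=" of the "sslcert" result against the tested URL, reported as "sslname") and the link to the originating thread. Restore the removed "===== Description =====" heading and its two paragraphs, and drop the added lines; the Author and Last Update row changes at the top of the hunk can stay as they are.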
Line 33: Line 32:
         CMD /etc/xymon/ext/sslname.sh         CMD /etc/xymon/ext/sslname.sh
         LOGFILE /var/log/xymon/sslname.log         LOGFILE /var/log/xymon/sslname.log
 +        INTERVAL 5m
 </code> </code>
  
Line 89: Line 89:
    # TODO: We should loop over all common names and try to figure out what the relevant URLs are below    # TODO: We should loop over all common names and try to figure out what the relevant URLs are below
    #   For now, we sort and take the first one.    #   For now, we sort and take the first one.
-    COMMONNAME="`echo \"$SSLDATA\" | grep CN= | perl -pe 's/^.*CN=([\w\.\-\*]+).*$/\1/' | sort | uniq | head -n 1`"+    COMMONNAME="`echo \"$SSLDATA\" | grep -v issuer: | grep CN= | perl -pe 's/^.*CN=([\w\.\-\*]+).*$/\1/' | sort | uniq | head -n 1`"
     if [ -z "$COMMONNAME" ] ; then     if [ -z "$COMMONNAME" ] ; then
  echo "Couldn't find a 'common name' for $THISHOST..." >&2  echo "Couldn't find a 'common name' for $THISHOST..." >&2
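Review bot: the added "grep -v issuer:" on the COMMONNAME line is unanchored, so it discards every line that contains that string anywhere. If a line of $SSLDATA ever carries both the subject and the issuer, the subject CN is dropped with it and the script falls through to the "Couldn't find a 'common name'" branch. Anchoring the filter to the start of the field would make the intent explicit. Separately, the pipeline still ends in "sort | uniq | head -n 1", so when more than one CN remains the name that gets compared is simply the alphabetically first one, as the TODO above it admits; a comment on this line saying that only the subject CN is considered would help whoever picks up that TODO.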
Line 145: Line 145:
 ===== Known Bugs and Issues ===== ===== Known Bugs and Issues =====
  
-This is targeted mainly at %%https://%% tests; YMMV with "sslcert" results from other types of tests (imaps, smtps, pop3s, etc).+sslcert tests that are a result of multiple SSL_enabled services tested by xymonnet should be tested individually against the URLs (or server name) in question and the worst state flagged. 
 + 
 +Wildcards are handled via regex, however this will lead to a false negative if your wildcard is for a more root-ward subdomain. Eg, *.example.net will be seen as an acceptable common name for https://server.dc.example.net/ when it really isn't. 
 + 
 +This was targeted mainly at %%https://%% tests; "sslcert" results from other types of tests (imaps, smtps, pop3s, etc) are tested against the server name only. YMMV.
  
 ===== To Do ===== ===== To Do =====
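Review bot: the new wildcard paragraph in Known Bugs documents an over-match instead of fixing it, and does not say what the operator sees when it happens. Because *.example.net is accepted for https://server.dc.example.net/, the sslname test stays green for a certificate that does not actually cover the host. Consider translating the leading * into a single-label pattern such as [^.]+ before the extended-grep match, and until then state in this paragraph that a green sslname is not proof of a name match when the certificate is a wildcard. The first added paragraph (multiple SSL-enabled services per host) reads as planned work and would fit better under To Do.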
Line 154: Line 158:
  
 ===== Changelog ===== ===== Changelog =====
 +
 +  * **2015-11-10**
 +    * Minor bug fixes and clean-up
 +
 +  * **2012-04-27**
 +    * update from hobbit -> xymon
 +    * optionally use "modify" of sslcert test instead of our own status
  
   * **2010-08-02**   * **2010-08-02**
     * Initial public release     * Initial public release
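Review bot: the new 2015-11-10 changelog entry does not agree with the "Last Update | 2015-11-09" row changed at the top of the page; use one date in both places. "Minor bug fixes and clean-up" also hides the two changes visible in this revision, the issuer filter on the COMMONNAME line and the added "INTERVAL 5m" task setting; listing them as sub-items would let readers tell whether their installed copy has them.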
  
  • monitors/sslname.sh.1447127739.txt.gz
  • Last modified: 2015/11/10 03:55
  • by jccleaver