Is anyone using UIM (fka Nimsoft or Nimbus) for SSL certificate monitoring? If so, which method are you using?
There are several approaches to this. The url_response probe can check certificate expiration, but it only works with http servers. When I add a https site to monitoring, I usually enable this.
I also monitor local computer store certificates on Windows servers. For this purpose I have two approaches: a custom probe that used .net to query the certificates and in some cases I use the nexec probe to run a powershell script that queries certificates through the certificate provider. My custom probe is also able to query remote certificates other than http, so I'm using it for that as well. Unfortunately the custom probe needs.. some.. work so I'm not using it extensively these days.
In past we've also used all sorts of timed scripts to write a log, which then is parsed by the logmon probe.
What language did you write your custom probe in? You wouldn't happen to be willing to share it, would ya?
We've been looking at the url_response probe but didn't like only being able to run 100 sites per server. How many do you run on your remote monitoring server?
I wrote it in C#. Unfortunately it I wrote it at the company I work at and is a major enough piece of work that I can't share it. Also, it does need a major rewrite in all honesty. I'm also working on a new one written in C++ in my spare time. If I ever get that done (so many projects..) I'll be able to share that.. but I guess that wont help for now.
Hmm I've never had to go above more than a couple dozen websites with url_response myself.
I have a lua script/probe that I used to use. But since url_response started checking it haven't used since. If you want it I will see if I can send out just shoot me a email
Thank you very much but unfortunately, your email isn't visible. Can you please email me at jason.eckelstafer at amway.com? Thanks in advanced!
guess it might be similar to this Probe to check and store the days until a certificate expires
Is there any chance you could post the powershell script? That sounds very useful!
Here is a shell script approach used with the logmon probe:
Tuesday Tip: Monitoring Server Certificate Expiration with the Logmon Probe
Not sure if that helps or if it is what you're looking for.
Retrieving data ...