Nagios can do SSL checking, but it doesn't actually check if the certificate is valid for the connection address you're using (common name match).
On one of our servers, a postfix configuration file was replaced by a Plesk update without notice, resulting in a regression to a snake-oil certificate. Nagios checks SSL, but didn't see it. To that end, I'd like to check more than just the expiration date, and actually check the CA chain.
I've tried several SSL plugins for nagios, but none of them can do it.
Does anybody have advice?
Best Answer
I don't have any experience with it but it looks like the check_ssl_cert plugin does what you are looking for.
Excerpt from the author's site: