Check for Self-Signed certificates

I would like to monitor if a server has a self-signed certificate. We would like all our servers web certificates to get signed by our internal corporate CA and not use the local self-signed certificate. Do anyone know how to check if a server is using a self-signed certificates ?

I have setup the web certificate expiration date monitoring check using the check_http plugin but this does not provide a self-signing certificate check option.

Thanks in advance for your help.

look into => Icinga Template Library - Icinga 2

the ssl_cert check allows to specify a ssl_cert_rootcert
Optional. Root certificate or directory to be used for certificate validation.

there you can specify the exported ca’s public key so the check can verify the certificate signed by your local ca