Hi,
could you recommend a method to check SSL certificates from websites?
Basically something that check the validity of TLS certificates and to warn if they are about to exipire.
I found this plugin, but I still don’t understand how to implement it on Icinga Web 2: https://github.com/replicajune/sslvalidity
thanks for your help
The stock nagios check_http plugin can do this. The Icinga template is explained here:
https://icinga.com/docs/icinga2/latest/doc/10-icinga-template-library/#http
Hi,
Do you know the Icinga Module?
https://icinga.com/docs/certificate-monitoring/latest/doc/01-About/
Not sure if that is the “Easy Way” you are searching, but its a intresting one 
Hi,
-sh-4.2$ /usr/lib64/nagios/plugins/check_tcp -H google.com -p 443 -D 60,5
SSL WARNING - Certificate ‘*.google.com’ expires in 60 day(s) (2020-05-06 13:37 +0200/CEST).
-D, --certificate=INTEGER[,INTEGER]
Minimum number of days a certificate has to be valid.
1st is #days for warning, 2nd is critical (if not specified - 0).
Hi, you can you SSL Certificate Monitor (its android app) - I need to monitor about 35 certificates from different clients, and this is really easy to use and well organized- https://play.google.com/store/apps/details?id=cz.trilobite.android.app.certmon - it works great, and it has super widget.
Hello!
Your suggestion works only for single SSL certificate/domain at the target host.
For multiple domains (virtual hosts) --sni should be added.
For example:
DNS site1.company.com A 1.2.3.4
DNS site2.company.com A 1.2.3.4
to check both certificates:
/usr/lib/nagios/plugins/check_tcp -H site1.company.com -p 443 -D 60,5 --sni site1.company.com
/usr/lib/nagios/plugins/check_tcp -H site2.company.com -p 443 -D 60,5 --sni site2.company.com