See www.zabbix.com for the official Zabbix site.
Docs/howto/ssl certificate check
This is originally based on http://aperto.fr/cms/en/blog/15-blog-en/15-ssl-certificate-expiration-monitoring-with-zabbix.html with modifications to the script and template by firstname.lastname@example.org.
Switches have been added to the script to check both days until expiration and the certificate issuing authority.
usage: zext_ssl_cert.sh [-i|-d] hostname port sni" -i Show Issuer" -d Show valid days remaining"
The exported template below includes triggers for 90, 60, 30, 15, 7 days, and Expired certificate. Macros are defined in the template for SSL_PORT and SNI. There is also basic HTTPS down check and trigger. There are no triggers for the issuer check.
The basic HTTPS check fires every 90 seconds. Issuer and validity check every 6 hours (21600 seconds).
You can also find an alternative in Python here: https://gist.github.com/crashdump/5683952
- Configure ExternalScripts variable in zabbix_server.conf, - Drop the script in the "external script" folder (usually /etc/zabbix/externalscripts/) - Import the template & assign it to your host. - Watch the incoming data !
The script can also be used outside Zabbix:
usage: check-ssl-expire.py [-h] [-p PORT] host positional arguments: host specify an host to connect to optional arguments: -h, --help show this help message and exit -p PORT, --port PORT specify a port to connect to
# ./check-ssl-expire.py www.zabbix.com 942