Error with check_x509cert.pl in Nagios server


#1

Hi forum,
I found a check script at nagiosexchange.org to check the vality of an x509 certificate. The script is called check_x509cert.pl and is written in perl.

http://www.nagiosexchange.org/cgi-bin/page.cgi?g=Detailed%2F2191.html;d=1

I download every hour different certificates from LDAP server to a local directory and then I check it with the following command with the nagios user.

*/etc/nagios3/libexec.local/check_x509cert.pl -w 30 -c 7 -P /var/run/cert_check

OK (1): cert.pem(1067d)*

In the output you see the numbers of certificates to check (1) and the days till expiry. The return code of the script is 0.

On the console you see no errors but in Nagios I got the following error:

(Service check did not exit properly)" as the “Status Information” and Critical.

What could cause this error?

This is the log of the Nagios server:

*==> /var/log/nagios3/nagios.log <==
[1234337739] Warning: Check of service ‘check_cert_USER1’ on host ‘server1’ did not exit properly!

==> /var/log/syslog <==
Feb 11 07:35:39 tcmonsrv-ext nagios3: Warning: Check of service ‘check_cert_USER1’ on host ‘server1’ did not exit properly!*

these are the configurations:

command def.:

define command{ command_name check_cert command_line /etc/nagios3/libexec.local/check_x509cert.pl -w '$ARG1$' -c '$ARG2$' -P '$ARG3$' }

service def.:

[code]define service {
use templ_service_default

host_name server1
service_description check_cert_USER1
check_command check_cert!30!7!/var/run/cert_check/!
servicegroups LDAP
}[/code]

Version:

  • Nagios server version 3.0.6
  • Debian etch (latest updates done)
  • check_x509cert.pl,v $ Revision 1.1 2006/08/19 10:12:03 wob, start version

Could anybody help me? I’m waiting for feedback

Thanks grooveminister


#2

Couple of things…
Firstly, you don’t need the final ! as you no $ARG4$

Secondly, /var/run/cert_check/ is not the same path as the commandline test…

HTH
/S


#3

Hi,
thanks for the reply. I did a mistake in the post. The folder is ok /var/run/cert_check ! I correct it obove.

I removed the “!” but it didn’t solve the problem.

Any suggestions?

grooveminister


#4

hi,
I didn’t find a solution for this problem!
:x

but …

I found a better script to check x509 certificates and it works!

:lol:

http://prefetch.net/code/ssl-cert-check

It runs perfect!

bye grooveminister