HTTP check ignore certificate option
When using HTTP checks to an internal server in an intranet enviroment, you end up having a self-signed certificate in all cases. This makes monin checks very very hard, you have to maintain the ca-certs, deployment of new services and hosts becomes a pretty complex process.
Since its all about getting the status of the webserver, i would suggest to make this option available to ignore self-signed cert issues.
Thank you!
(5.10)
Comments (7)
-
repo owner -
reporter When you try to check if a website is online, using https on a self-signed ssl certificate host, you fail always. You then have to update the systems ca-certificates to have this up and running which can be quiet some effort when speaking about automatic setups.
It would be good to habe something, like wget --no-check-certificate
best
-
reporter Glad you consider it, thank you
-
repo owner Do you mean HTTP check a SSL server with a self-signed certificate? If this is the case we are not able to reproduce the problem. We have M/Monit setup with its self-signed cert and check it with Monit and there are no problems as you can see from this trace in the Monit log:
'localhost' succeeded connecting to INET[localhost:8443] via TCPSSL 'localhost' succeeded testing protocol [HTTP] at INET[localhost:8443] via TCPSSL
Could you please post the error in Monit's log and your check from
.monitrc
-
repo owner Any feedback or more details on this?
-
repo owner - changed status to closed
No feedback from user and not reproducible.
-
repo owner - removed version
Removing version: 5.9 (automated comment)
- Log in to comment
Could you please clarify? What is the problem here?