Zabbix Share

Zabbix templates, modules & more
Log in
Choose social to login:
Login With Facebook
Login With Google
Login With Github
Login With LinkedIn

Nav view search

Navigation

Advanced Search
  • Applications
    • Anti-Virus
    • Backup
    • Bug and issue tracking
    • Cluster
    • Clustered File Systems
    • DNS
    • Firewall
    • HelpDesk System
    • High Availability (HA)
    • Java Application
    • Mail servers
    • Misc
    • Monitoring System
    • NTP
    • Others
    • Process Managers
    • Queue managers
    • Security
    • Skype
    • Ticketing System
    • Time synchronization
    • Web-servers
  • Cloud
  • Databases
  • Network Appliances
  • Network Devices
  • Official Templates
  • Operating Systems
  • Power (UPS)
  • Printers
  • SCADA, IoT, Energy, Home Automation, Industrial monitoring
  • Server Hardware
  • Storage Devices
  • Telephony
  • Unsorted
  • Virtualization
  • Zabbix
  • Recently Added
  • Recently Updated
  • Popular
  • Most Rated
  • Top Rated
  • Most Reviewed

SSL Certificates Check Popular

Zabbix Template: External Website SSL Utilities

References

This has been adopted from the great work by Roman on the Zabbix Share site. I wasn't able to get his precise methodology working on my environment, so I split the .sh file out into two separate ones and this is working well for me. Roman's work was based off of [email protected]'s work that was originally posted here.

Installation

Note: I've only tested this on Zabbix 3.4.0. I'm not sure if this will work well/at all for any other versions.

Zabbix Template

Import template_SSL_Cert_Check_External.xml into your Zabbix installation. Assign this profile to required Hosts.

Host Requirements

Host Name must be the name of the website to be monitored. Ex: www.zabbix.com

Macros
MacroDefault ValueDescription
{$SNI} {HOSTNAME} Allows you to pass a different SNI to openssl on the Zabbix server for site certificate monitoring
{$SSL_EXPIRY_NOTCLASSIFIED} 90 Threshold of remaining days until expiration to throw a trigger of 'Not Classified' severity
{$SSL_EXPIRY_INFO} 60 Threshold of remaining days until expiration to throw a trigger of 'Information' severity
{$SSL_EXPIRY_AVG} 30 Threshold of remaining days until expiration to throw a trigger of 'Average' severity
{$SSL_EXPIRY_WARN} 15 Threshold of remaining days until expiration to throw a trigger of 'Warning' severity
{$SSL_EXPIRY_HIGH} 7 Threshold of remaining days until expiration to throw a trigger of 'High' severity
{$SSL_HOST} {HOSTNAME} Hostname ("Website") to monitor.
{$SSL_PORT} 443 Port on which to test certificate.

Recommended Modifications

I strongly recommend modifiying the {$SSL_EXPIRY_*} macros for the sites that you're using LetsEncrypt certificates for as they are much shorter lived and don't renew until they are set to expire in a few weeks (Depending on how you've configured it).

 

External Scripts

Place zext_ssl_expiry.sh and zext_ssl_issuer.sh into your Zabbix Server's External Scripts folder. (In my i

Rating
554
★★★★★
4 votes

Listing Details

Type
Template
Min Zabbix version
2.2.x
Features
  • Custom Script
Created
2017-09-13
Modified
2017-09-25 19:24:40
Version 3.4
Download (5557 downloads)
1 version, '2017-09-13 12:52' modified
Tags
SSL, openssl
Owner
mRiston
RecommendReportOwner's listing
All resources created by third parties; use at your own risk
© 2001-2018 by Zabbix SIA. All rights reserved. Trademark Policy · Contact us