This a guide on howto deploy and configure this template for SSL expiration check and grading SSL certificate deployment.
Monitoring:
- Running HTTPS service (port)
- Certificate issuer
- Certificate expiration
- Certificate installation grade with SSL Labs API.
Latest data
Items
Triggers
Macros
The following steps need to be performed on all zabbix servers (or proxy servers respectively).
CentOS, RHEL
yum install zabbix-senderDebian, Ubuntu
apt-get install zabbix-senderClone the repository
cd /tmp
git clone git@github.com:hermanekt/Zabbix-ssl-certificate-check-with-grade.gitCopy scripts to their respective locations
cp /tmp/Zabbix-ssl-certificate-check-with-grade/ssllabs_checker.sh /usr/lib/zabbix/externalscripts
cp /tmp/Zabbix-ssl-certificate-check-with-grade/ssllabs_checker_at.sh /usr/lib/zabbix/externalscripts
cp /tmp/Zabbix-ssl-certificate-check-with-grade/zext_ssl_expiry.sh /usr/lib/zabbix/externalscripts
cp /tmp/Zabbix-ssl-certificate-check-with-grade/zext_ssl_issuer.sh /usr/lib/zabbix/externalscriptsSet an execution bit
chmod +x zext_ssl_*
chmod +x ssllabs_checker*Here you have 2 options - either to use the precompiled package I've provided, or you can build your own package from scratch.
1) Copy the package
cp /tmp/Zabbix-ssl-certificate-check-with-grade/ssllabs-scan /usr/lib/zabbix/externalscripts
chmod +x /usr/lib/zabbix/externalscripts/ssllabs-scan1) Install GOlang
CentOS, RHEL
yum install golangDebian, Ubuntu
apt-get install golang2) Build sslabs-scan package
cd /tmp
git clone https://github.com/ssllabs/ssllabs-scan/
cd ssllabs-scan/
go build
mv /tmp/ssllabs-scan/ssllabs-scan /usr/lib/zabbix/externalscripts/
cd && rm -rf /tmp/ssllabs-scan/rm -rf /tmp/Zabbix-ssl-certificate-check-with-gradeFile: Template_SSL_Certificates.xml
Dummy host with hostname is URL name for example https://www.google.com/ hostname is: www.google.com
Host connection:
Host template:
