using check_http with a proxy?
Marc Powell
mpowell at ena.com
Fri Feb 4 22:16:34 CET 2005
> -----Original Message-----
> From: Chris Mann [mailto:csmann at gmail.com]
> Sent: Friday, February 04, 2005 2:58 PM
> To: Marc Powell
> Cc: nagios-users at lists.sourceforge.net
> Subject: Re: [Nagios-users] using check_http with a proxy?
>
> On Fri, 4 Feb 2005 10:04:07 -0600, Marc Powell <mpowell at ena.com>
wrote:
> > # 'check_via_proxy' command definition
> > define command{
> > command_name check_via_proxy
> > command_line $USER1$/ check_http -H
www.sitetoretrieve.org -I
> > ip.of.proxy --onredirect follow -p 8080 -wt 20 -ct 30 -to 35 -u
> > http://www.sitetoretrieve.org -R \/HTML
>
> Thanks Marc, that did the trick.
> Would this work for ssl sites as well?
I haven't had reason to do that but a quick test seems to indicate the
answer is no. --
./check_http -H my.test.host -I my.test.proxy --onredirect follow -p
8080 -wt 20 -ct 30 -to 35 https://my.test.host --ssl
ERROR: Cannot retrieve server certificate.
In order to use SSL via a proxy, the proxy must be instructed to set up
an ssl tunnel to the remote host via the CONNECT method. Glancing at the
code, check_http seems to assume that all SSL connections are
direct-to-host and there doesn't appear to be code to set up the
necessary tunnel, at least that I can see.
That said, I'm using a version of the plugin that was recent as of
20031203. The latest plugins package may include this functionality.
--
Marc
-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list