using check_http with a proxy?

Marc Powell mpowell at ena.com
Fri Feb 4 22:16:34 CET 2005



> -----Original Message-----
> From: Chris Mann [mailto:csmann at gmail.com]
> Sent: Friday, February 04, 2005 2:58 PM
> To: Marc Powell
> Cc: nagios-users at lists.sourceforge.net
> Subject: Re: [Nagios-users] using check_http with a proxy?
> 
> On Fri, 4 Feb 2005 10:04:07 -0600, Marc Powell <mpowell at ena.com>
wrote:
> > # 'check_via_proxy' command definition
> > define command{
> >         command_name    check_via_proxy
> >         command_line    $USER1$/ check_http -H
www.sitetoretrieve.org -I
> > ip.of.proxy --onredirect follow -p 8080 -wt 20 -ct 30 -to 35 -u
> > http://www.sitetoretrieve.org -R \/HTML
> 
> Thanks Marc, that did the trick.
> Would this work for ssl sites as well?


I haven't had reason to do that but a quick test seems to indicate the
answer is no. --

./check_http -H my.test.host -I my.test.proxy --onredirect follow -p
8080 -wt 20 -ct 30 -to 35  https://my.test.host --ssl

ERROR: Cannot retrieve server certificate.

In order to use SSL via a proxy, the proxy must be instructed to set up
an ssl tunnel to the remote host via the CONNECT method. Glancing at the
code, check_http seems to assume that all SSL connections are
direct-to-host and there doesn't appear to be code to set up the
necessary tunnel, at least that I can see.

That said, I'm using a version of the plugin that was recent as of
20031203. The latest plugins package may include this functionality.

--
Marc



-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list