check_ssl_cert

This script is the gold standard for Nagios core SSL checks and for how bash scripts should be written and distributed!

1.) It has options for just about every aspect of X.509 certificates
2.) It is simple to use (once you figure out you have to tell it where your local CA (Certificate Authority) is located
3.) It can check a 3rd party API at SSL Labs to grade a web sites cert. This takes a long time and the check may time-out for Nagios but that's not the fault of this script. I may batch process those checks and save the results and just do those as soft checks / and or, run them in batch mode, and leverage the fact that SSL Labs caches subsequent request which allow this check to then complete quickly.
4.) It is very well documented
5.) It is actively maintained (big deal)
6.) It just works!

Phreedom Technologies will be using it to check all of our company & client web sites as well as all publicly accessible SSL-VPN, HTTP admin portals (internal and external) including both those registered to a public CA or a self-signed.

Excellent work and thank you!

While check_http fails checking Let’s Encrypt certificates this one does a good job

Works without any issues on all of my linux boxes and without any additional software.

Actually respects http hosts and pulls the correct certificate unlike the built in check_http. Great plugin for checking certs!

Hello,
Is it possible to give an URL instead of a host ?
Thanks and Regards

Excellent features, easy to use, thanks for sharing!

Fully featured. Appreciate the option to point to an alternate (newer) openssl.

Thanks for an excellent Nagios plugin! We use this to check certificate validity and expiration with the following command:

define command{
command_name check_ssl_cert
command_line /etc/nagios-plugins/local-bin/check_ssl_cert -H '$HOSTADDRESS$' -c 60 -r /etc/ssl/certs/ -n '$HOSTADDRESS$'
}

Works great, even with wildcard SSL certs. Thanks!

Dane