Build precise queries to find exactly what you need
Press ESC to close
Nagios World Conference 2026: Sept. 14-17 in St. Paul, MN | Learn More
Your review has been submitted and is pending approval.
Check installed certificates in Windows store using powershell through NRPE / nsclient++: -My store (machine) -Root store -CA store -Auth store -SharePoint store You can specify number of days before expiring, and threshold for warning / critical All known already expired certificate in store, provided by Microsoft on all Windows Server 2003 / 2008 / 2012 are ignored
Current Version
0.1
Last Release Date
2013-05-04
Owner
Mathieu Chateau
Website
http://www.lotp.fr
Download URL
https://exchange.nagios.org/wp-content/uploads/project-files/2013/05/lotp_check_certificates.ps1.txt
License
GPL
Compatible With
Check installed certificates in Windows store using powershell through NRPE / nsclient++:
-My store (machine) -Root store -CA store -Auth store -SharePoint store
You can specify number of days before expiring, and threshold for warning / critical
All known already expired certificate in store, provided by Microsoft on all Windows Server 2003 / 2008 / 2012 are ignored
############################################### Tested Setup:
Monitoring Box: -Centos 6.4 x64 -Nagios 3.4.4 -check_nrpe 2.13 -Centreon 2.4.2 -nsclient++ 0.4.1 x64 & x86 -Windows Server 2003 / 2008 R2 / 2012 -tested on both Core & GUI Servers
############################################### Scripts arguments The script accept eight arguments: -checkMyStore (true by default) -checkRootStore (true by default) -checkCAStore (true by default) -checkAuthRootStore (true by default) -checkSharePointStore (true by default) -expireInDays (60 by default) -maxWarn (Warning if above) -maxCrit (Critical if above)
############################################### Local execution example:
PS C:Program FilesNSClient++scripts> . .lotp_check_certificates.ps1 $true $true $true $true $true 60 0 0 CRITICAL: *.mydomain.net:2013/06/05 PS C:Program FilesNSClient++scripts>
NRPE execution: [root~]# /usr/lib64/nagios/plugins/check_nrpe -H myserver -n -c check_certificate -a $true $true $true $true $true 60 0 0 CRITICAL: *.mydomain.net:2013/06/05 [root~]#
############################################### Installation: On Windows Servers: -copy script in folder C:Program FilesNSClient++scripts -enable powershell script execution without signed : Set-ExecutionPolicy RemoteSigned -Add to nsclient.ini: [/settings/external scripts/wrapped scripts] check_certificate=lotp_check_certificate.ps1 $ARG1$ $ARG2$ $ARG3$ $ARG4$ $ARG5$ $ARG6$ $ARG7$ $ARG8$
############################################### Configuration:
For example, on Centreon: -Add a new command: $USER1$/check_nrpe -H $HOSTADDRESS$ -t 60 -n -c check_certificate -a $ARG1$ $ARG2$ $ARG3$ $ARG4$ $ARG5$ $ARG6$ $ARG7$ $ARG8$
Then add monitoring filling the ARGS. (using $$true and $false to escape correctly).
The -maxWarn & -maxCrit parameters aren't described well in my opinion. They are the number of certs that are expired or will expire. so -maxWarn 1 -maxCrit 2 will give you a warning if 1 cert will expire or a critical if 2 or more certs are expiring. I'm more interested in setting the number of days ahead of expiration for my warning and critical alerts.
You must be logged in to submit a review.
To:
From: