Does anyone have check_http working against the SSL VPN GUI interface of a Cisco ASA?
Whenever I check it always closes, but wget and curl work fine: ===================================================== nagios:/usr/lib/nagios/plugins# ./check_http -H <ip> -S -v GET / HTTP/1.1 User-Agent: check_http/v1.4.15 (nagios-plugins 1.4.15) Connection: close Host: <ip> CRITICAL - Socket timeout after 10 seconds nagios:/usr/lib/nagios/plugins# ===================================================== nagios:/usr/lib/nagios/plugins# wget https://<ip> --no-check-certificate --2013-01-31 22:31:39-- https://<ip>/ Connecting to <ip>:443... connected. WARNING: cannot verify <ip>âs certificate, issued by â/CN=<host>/unstructuredName=<host>â Self-signed certificate encountered. WARNING: certificate common name â<host>â<ip>â HTTP request sent, awaiting response... 302 Object Moved Location: /+CSCOE+/logon.html [following] --2013-01-31 22:31:39-- https://<ip>/+CSCOE+/logon.html Connecting to <ip>:443... connected. WARNING: cannot verify <ip>âs certificate, issued by â/CN=<host>/unstructuredName=<host>â Self-signed certificate encountered. WARNING: certificate common name â<host>â<ip>â HTTP request sent, awaiting response... 200 OK Length: unspecified [text/html] Saving to: âindex.htmlâ [ <=> ] 4,514 --.-K/s in 0.03s 2013-01-31 22:31:39 (158 KB/s) - âindex.htmlâ nagios:/usr/lib/nagios/plugins# ===================================================== nagios:/usr/lib/nagios/plugins# curl https://<ip> --insecure -v * About to connect() to <ip> port 443 (#0) * Trying <ip>... connected * Connected to <ip> (<ip>) port 443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using RC4-SHA * Server certificate: * subject: CN=<host>; unstructuredName=<host> * start date: 2010-02-03 00:10:30 GMT * expire date: 2020-02-01 00:10:30 GMT * common name: <host> (does not match '<ip>') * issuer: CN=<host>; unstructuredName=<host> * SSL certificate verify result: self signed certificate (18), continuing anyway. > GET / HTTP/1.1 > User-Agent: curl/7.21.0 (x86_64-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.15 libssh2/1.2.5 > Host: <ip> > Accept: */* > * HTTP 1.0, assume close after body < HTTP/1.0 302 Object Moved < Server: Cisco AWARE 2.0 < Fri, 01 Feb 2013 04:07:54 GMT < Location: /+CSCOE+/logon.html < Set-Cookie: tg=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/ < Content-Type: text/html; charset=UTF-8 < Transfer-Encoding: chunked < Cache-Control: no-cache < Pragma: no-cache * HTTP/1.0 connection set to keep alive! < Connection: Keep-Alive < Date: * Connection #0 to host <ip> left intact * Closing connection #0 * SSLv3, TLS alert, Client hello (1): nagios:/usr/lib/nagios/plugins# ===================================================== ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_jan _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null