mirror of
https://github.com/Icinga/icinga2.git
synced 2025-07-23 13:45:04 +02:00
ITL: Add additional http check command parameters for SSL version enforcement
refs #10358
This commit is contained in:
parent
67b7df3189
commit
d8b70f8ae1
@ -440,15 +440,22 @@ Check command object for the `check_http` plugin.
|
||||
Custom attributes passed as [command parameters](3-monitoring-basics.md#command-passing-parameters):
|
||||
|
||||
Name | Description
|
||||
-------------------------|--------------
|
||||
---------------------------------|---------------------------------
|
||||
http_address | **Optional.** The host's address. Defaults to "$address$" if the host's `address` attribute is set, "$address6$" otherwise.
|
||||
http_vhost | **Optional.** The virtual host that should be sent in the "Host" header.
|
||||
http_uri | **Optional.** The request URI for GET or POST. Defaults to `/`.
|
||||
http_port | **Optional.** The TCP port. Defaults to 80 when not using SSL, 443 otherwise.
|
||||
http_ssl | **Optional.** Whether to use SSL. Defaults to false.
|
||||
http_ssl_force_tlsv1 | **Optional.** Whether to force TLSv1.
|
||||
http_ssl_force_tlsv1_1 | **Optional.** Whether to force TLSv1.1.
|
||||
http_ssl_force_tlsv1_2 | **Optional.** Whether to force TLSv1.2.
|
||||
http_ssl_force_sslv2 | **Optional.** Whether to force SSLv2.
|
||||
http_ssl_force_sslv3 | **Optional.** Whether to force SSLv3.
|
||||
http_ssl_force_tlsv1_or_higher | **Optional.** Whether to force TLSv1 or higher.
|
||||
http_ssl_force_tlsv1_1_or_higher | **Optional.** Whether to force TLSv1.1 or higher.
|
||||
http_ssl_force_tlsv1_2_or_higher | **Optional.** Whether to force TLSv1.2 or higher.
|
||||
http_ssl_force_sslv2_or_higher | **Optional.** Whether to force SSLv2 or higher.
|
||||
http_ssl_force_sslv3_or_higher | **Optional.** Whether to force SSLv3 or higher.
|
||||
http_sni | **Optional.** Whether to use SNI. Defaults to false.
|
||||
http_auth_pair | **Optional.** Add 'username:password' authorization pair.
|
||||
http_proxy_auth_pair | **Optional.** Add 'username:password' authorization pair for proxy.
|
||||
|
@ -334,12 +334,33 @@ object CheckCommand "http" {
|
||||
"-S1" = {
|
||||
set_if = "$http_ssl_force_tlsv1$"
|
||||
}
|
||||
"-S1.1" = {
|
||||
set_if = "$http_ssl_force_tlsv1_1$"
|
||||
}
|
||||
"-S1.2" = {
|
||||
set_if = "$http_ssl_force_tlsv1_2$"
|
||||
}
|
||||
"-S2" = {
|
||||
set_if = "$http_ssl_force_sslv2$"
|
||||
}
|
||||
"-S3" = {
|
||||
set_if = "$http_ssl_force_sslv3$"
|
||||
}
|
||||
"-S1+" = {
|
||||
set_if = "$http_ssl_force_tlsv1_or_higher$"
|
||||
}
|
||||
"-S1.1+" = {
|
||||
set_if = "$http_ssl_force_tlsv1_1_or_higher$"
|
||||
}
|
||||
"-S1.2+" = {
|
||||
set_if = "$http_ssl_force_tlsv1_2_or_higher$"
|
||||
}
|
||||
"-S2+" = {
|
||||
set_if = "$http_ssl_force_sslv2_or_higher$"
|
||||
}
|
||||
"-S3+" = {
|
||||
set_if = "$http_ssl_force_sslv3_or_higher$"
|
||||
}
|
||||
"--sni" = {
|
||||
set_if = "$http_sni$"
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user