ITL: Add some missing arguments to ssl_cert

This commit is contained in:
Jean-Louis Dupond 2017-05-09 16:48:47 +02:00
parent 452f8a1f0d
commit ff0c82a706
2 changed files with 22 additions and 3 deletions

View File

@ -4832,17 +4832,21 @@ ssl_cert_file | **Optional.** Local file path. Works only if `ss
ssl_cert_warn | **Optional.** Minimum number of days a certificate has to be valid.
ssl_cert_critical | **Optional.** Minimum number of days a certificate has to be valid to issue a critical status.
ssl_cert_cn | **Optional.** Pattern to match the CN of the certificate.
ssl_cert_altnames | **Optional.** Matches the pattern specified in -n with alternate
ssl_cert_issuer | **Optional.** Pattern to match the issuer of the certificate.
ssl_cert_org | **Optional.** Pattern to match the organization of the certificate.
ssl_cert_email | **Optional.** Pattern to match the email address contained in the certificate.
ssl_cert_serial | **Optional.** Pattern to match the serial number.
ssl_cert_noauth | **Optional.** Ignore authority warnings (expiration only)
ssl_cert_match_host | **Optional.** Match CN with the host name.
ssl_cert_selfsigned | **Optional.** Allow self-signed certificate.
ssl_cert_sni | **Optional.** Sets the TLS SNI (Server Name Indication) extension.
ssl_cert_timeout | **Optional.** Seconds before connection times out (default: 10)
ssl_cert_timeout | **Optional.** Seconds before connection times out (default: 15)
ssl_cert_protocol | **Optional.** Use the specific protocol {http,smtp,pop3,imap,ftp,xmpp,irc,ldap} (default: http).
ssl_cert_clientcert | **Optional.** Use client certificate to authenticate.
ssl_cert_clientpass | **Optional.** Set passphrase for client certificate.
ssl_cert_ssllabs | **Optional.** SSL Labs assestment
ssl_cert_ssllabs_nocache | **Optional.** Forces a new check by SSL Labs
ssl_cert_rootcert | **Optional.** Root certificate or directory to be used for certficate validation.
ssl_cert_ignore_signature | **Optional.** Do not check if the certificate was signed with SHA1 od MD5.
ssl_cert_ssl_version | **Optional.** Force specific SSL version out of {ssl2,ssl3,tls1,tls1_1,tls1_2}.

View File

@ -397,6 +397,10 @@ object CheckCommand "ssl_cert" {
value = "$ssl_cert_cn$"
description = "Pattern to match the CN of the certificate"
}
"--altnames" = {
set_if = "$ssl_cert_altnames$"
description = "Matches the pattern specified in -n with alternate"
}
"-i" = {
value = "$ssl_cert_issuer$"
description = "Pattern to match the issuer of the certificate"
@ -417,6 +421,10 @@ object CheckCommand "ssl_cert" {
value = "$ssl_cert_serial$"
description = "Pattern to match the serial number"
}
"-A" = {
set_if = "$ssl_cert_noauth$"
description = "Ignore authority warnings (expiration only)"
}
"-s" = {
set_if = "$ssl_cert_selfsigned$"
description = "Allow self-signed certificate"
@ -427,7 +435,7 @@ object CheckCommand "ssl_cert" {
}
"-t" = {
value = "$ssl_cert_timeout$"
description = "Seconds before connection times out (default: 10)"
description = "Seconds before connection times out (default: 15)"
}
"-P" = {
value = "$ssl_cert_protocol$"
@ -441,6 +449,14 @@ object CheckCommand "ssl_cert" {
value = "$ssl_cert_clientpass$"
description = "Set passphrase for client certificate"
}
"-L" = {
value = "$ssl_cert_ssllabs$"
description = "SSL Labs assestment"
}
"--ignore-ssl-labs-cache" = {
set_if = "$ssl_cert_ssllabs_nocache$
description = "Forces a new check by SSL Labs"
}
"-r" = {
value = "$ssl_cert_rootssl_cert$"
description = "Root certificate or directory to be used for certificate validation"
@ -544,6 +560,5 @@ object CheckCommand "ssl_cert" {
vars.ssl_cert_address = "$check_address$"
vars.ssl_cert_port = 443
vars.ssl_cert_timeout = 10
}