If you’ve already got Nagios monitoring your SSL-enabled web server, then it’s very easy to make it also warn you when your SSL certificate is soon to expire.
Simple change your check_https command definition (in the file /etc/nagios-plugins/config/http.cfg on Debian/Ubuntu) to the following:
define command{
command_name check_https
command_line /usr/lib/nagios/plugins/check_http --ssl -C 14 -H '$HOSTADDRESS$' -I '$HOSTADDRESS$'
}
The ‘14′ in the command line is the number of days prior to expiry Nagios should warn you to renew the certificate – change as appropriate.
Now Nagios will produce a warning when your SSL certificate is close to renewal time, and show status CRITICAL if you let it expire anyway.
