TCP certificate expiry checks
Updown is great for HTTPS checks - loving the cert expiry warnings, and I can also check my mailserver with the TCP checks.
I would like to also check the cert validity on a non-HTTPS ports. (i.e. IMAPS or SMTPS. I'm not asking for any understanding of the protocol for non HTTP(S) ports, just connect and do cert checks.)
Ash Berlin-Taylor
shared this idea
TCPS checks have been implemented: https://headwayapp.co/updown-release-notes/tcps-check-247887
I took the liberty to upgrade some of your checks to tcps already. Let me know if you have any problem or questions with the feature :)
-
Harry Gaitanidis commented
Very useful feature!!
-
Thanks for the feedback!
-
rgr77
commented
Hi, I have the exact same requirment (LDAPS running on port 636). I tested your suggested command and it looks good :)
-
Thanks for suggestion, so basically we would be talking about a TCP + TLS handshake test, the connection would then be closed before exchanging any data. Something like "echo | openssl s_client -connect updown.io:443" ? does this work well with your LDAPS?
-
calmh
commented
Currently we have HTTP, HTTPS, ICMP, and TCP type checks. These cover probably most things, with TCP being the escape valve for non-HTTP based services. However, I have some non-HTTP services that are nevertheless behind TLS, for example LDAPS. It would be good to have these checked not only as TCP but as TCP+TLS, with the same certificate verification logic that goes into HTTPS. That is, this would be to TCP as HTTPS is to HTTP.