TCP certificate expiry checks
complete
A
Ash Berlin-Taylor
Updown is great for HTTPS checks - loving the cert expiry warnings, and I can also check my mailserver with the TCP checks.
I would like to also check the cert validity on a non-HTTPS ports. (i.e. IMAPS or SMTPS. I'm not asking for any understanding of the protocol for non HTTP(S) ports, just connect and do cert checks.)
Log In
Adrien Rey-Jarthon
TCPS checks have been implemented: https://headwayapp.co/updown-release-notes/tcps-check-247887
I took the liberty to upgrade some of your checks to tcps already. Let me know if you have any problem or questions with the feature :)
📆
This response was made on 2022-10-24 (the comment date is wrong)
Adrien Rey-Jarthon
Merged in a post:
"tcps" type check
Jakob Borg
Currently we have HTTP, HTTPS, ICMP, and TCP type checks. These cover probably most things, with TCP being the escape valve for non-HTTP based services. However, I have some non-HTTP services that are nevertheless behind TLS, for example LDAPS. It would be good to have these checked not only as TCP but as TCP+TLS, with the same certificate verification logic that goes into HTTPS. That is, this would be to TCP as HTTPS is to HTTP.
Harry Gaitanidis
Very useful feature!!
Adrien Rey-Jarthon
Thanks for the feedback!
r
rgr77
Hi, I have the exact same requirment (LDAPS running on port 636). I tested your suggested command and it looks good :)
Adrien Rey-Jarthon
Thanks for suggestion, so basically we would be talking about a TCP + TLS handshake test, the connection would then be closed before exchanging any data. Something like "echo | openssl s_client -connect updown.io:443" ? does this work well with your LDAPS?
Jakob Borg
Currently we have HTTP, HTTPS, ICMP, and TCP type checks. These cover probably most things, with TCP being the escape valve for non-HTTP based services. However, I have some non-HTTP services that are nevertheless behind TLS, for example LDAPS. It would be good to have these checked not only as TCP but as TCP+TLS, with the same certificate verification logic that goes into HTTPS. That is, this would be to TCP as HTTPS is to HTTP.