baramundi-ahaugk
commented
4 years ago This is not a issue, the script works in a secure manner. It is important to note that this workaround overrides the security of the SSL connection. Setting "ServerCertificateValidationCallback" to true will always return true, even if the certificate is invalid. This means that you open the script for man-in-the-middle-attacks. Because bConnect use basic authentication, the SSL encryption is the only security for the given credentials. To avoid this dirty workaround please
- register the baramundi RootCA from your server as trusted CA on the probe or
- Bind a valid 3rd party SSL certificate to the bConnect port on your bMS
Hello, it is not possible to use the script until anybody had imported the self created certificate from the ssl certificate into the local certificate store on the probe machine.
Regarding the time which the CA or certificate is valid, it goes to an error if it the date was running out of validity. Therefore, the Admin has to renew the certificate. Regarding PCI-DSS - it is not allowed to use longterm certificates.
At this time, the sensor goes in error, until it is solved. OKAY - we can montoring the ssl certificate of this Server - but it is another task more to know and to administrate.
We had used the workaround, that we are ignoring the certicate, which is not trusted by an official CA. Can you please set this feature too in the scripts, as that they are working properly ? https://www.msxfaq.de/code/powershell/powershell_und_zertifikate_check.htm
And regarding the content here, there were file ressources present on another places in the lasttime, with different code content as here in Github.
it would be fine, if there is only one PS script present, to implement it easier and sectional entry points of the needed functions.
Most friendlier would it be, if the ensor is selectable in the PRTG Core Server GUI as given Sensor, which made all by themself. Without configuring it on a probe server, parameters set in the sensor from the CI of the Server, directly and else.
We as MSP, have to invest many time to integrate this kind of sensor in the most cases , on a probe manually. The effort for the implemation and billing the cost of the monitoring for this enviroment to a customer, takes by this handling, more than 18 months until it takes a roi for us.
wbr