matteocorti
commented
8 years ago Original reporter: matteo@corti.li
Fixed in r1321
Closed matteocorti closed 8 years ago
matteocorti
commented
8 years ago Original reporter: matteo@corti.li
Fixed in r1321
Original reporter: m@rtijn.net
I am not sure what the intention is with the -N option, but to me, its current implementation doesn't make a lot of sense:
Set COMMON_NAME to hostname if -N was given as argument
if [ "$COMMON_NAME" = "HOST" ] ; then COMMON_NAME=$(hostname) fi
This meanse, that the common name to match the certificate against is set to $(hostname), i.e. the name of the host that the check is running on. This means it only works for checking SSL on the local host, because for any other host, the common name will not match.
I suspect that the intention is, to use the given hostname (-H) as the common name to match, in which case COMMON_NAME should be set to ${HOST} instead of $(hostname):
Set COMMON_NAME to hostname if -N was given as argument
if [ "$COMMON_NAME" = "HOST" ] ; then COMMON_NAME="${HOST}" fi