We get caught out by expired VPN certs often. We should monitor that from Zabbix.
Should be easy enough to call "openssl x509 ..." on the client.crt file from the agent. Will probably trip over SELinux but otherwise it's easy enough. Not all hosts have VPN but we could use discovery for that perhaps, and then deploy it everywhere?
Metadata Update from @gwmngilfen: - Issue assigned to gwmngilfen
Metadata Update from @gwmngilfen: - Issue tagged with: monitoring
Metadata Update from @phsmoura: - Issue priority set to: Waiting on Assignee (was: Needs Review) - Issue tagged with: medium-gain, medium-trouble, ops
Metadata Update from @gwmngilfen: - Issue tagged with: sprint-0
This issue has been migrated to Fedora Forge: https://forge.fedoraproject.org/infra/tickets/issues/13021
Please continue any further discussion there.
Metadata Update from @ryanlerch: - Issue close_status updated to: Migrated to Fedora Forge - Issue status updated to: Closed (was: Open)
Log in to comment on this ticket.