In some cases, when a cert is about to expire, we get an alert about it from every single proxy, which is excessive. This notably happens with the checks in nagios_server/files/nagios/services/ssl.cfg which have hostgroup_name proxies.
These should all just be listed under one server, not all the proxies for our sanities.
This is a relatively simple change and would make a good easyfix for someone looking to make one of their first patches.
Metadata Update from @kevin:
- Issue priority set to: Waiting on Assignee (was: Needs Review)
This is easy enough to change, but... one reason we wanted all the proxies checked was in case we rolled out a new cert and somehow some subset of them didn't update and still had the old cert.
ie, we could just check one, but then we might miss if there's others that are effected.
Not sure whats best here...
to comment on this ticket.