SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for monitoring-plugins-ssl_cert-2.81.0-1.1.noarch.rpm :

* Sun Mar 17 2024 Martin Hauke - Update to version 2.81.0
* Support for SNI with nmap.
* Added the --fingerprint-alg option to specify which algorithm to be used with --fingerprint.
* Fri Mar 01 2024 Martin Hauke - Update to version 2.80.0
* Add support to ignore unclean TLS shutdowns- Update to version 2.79.0
* Add SIPS support- Update to version 2.78.0
* Add QUIC support
* OpenSSL 3.2.0 support
* Thu Nov 23 2023 Martin Hauke - Update to version 2.77.0
* Added support for MQTTS
* Mon Oct 30 2023 Martin Hauke - Update to version 2.76.0
* --info output at the end
* Wed Sep 27 2023 Martin Hauke - Update to version 2.75.0
* Fixed an issue with the timeout.
* Fri Sep 15 2023 Martin Hauke - Update to version 2.74.0
* Fixed an issue in the /etc/hosts parsing
* Tue Aug 29 2023 Martin Hauke - Update to version 2.73.0
* Fixed OCSP checks with proxy and OpenSSL 1.X- Update to version 2.72.0
* Fixed a bug in the proxy command line options validation- Update to version 2.71.0
* Fixed a bug if the host cannot be resolved and --resolve is specified- Update to version 2.70.0
* Added an option to skip the test to see if the host can be resolved
* Added an option to resolve an host using DNS over HTTP
* Added the Icigna2 configuration file- Update to version 2.69.0
* Added an option to skip the test to see if the host can be resolved
* Added an option to resolve an host using DNS over HTTP- Update to version 2.68.0
* Fixes the protocol used by nmap if the host is resolved with /etc/hosts
* Do not convert a CRL if already in the correct format
* Removed a PCRE grep expression (non-standard)- Update to version 2.67.0
* Considers /etc/hosts for the existence checks- Update to version 2.66.0
* Fixed a problem with decimal critical or warning values and expired certificates- Update to version 2.65.0
* Fixed CRL output format parsing
* Fri Apr 07 2023 Martin Hauke - Update to version 2.64.0
* Fixed the resolution of hosts with IPv6 addresses only
* Fri Apr 07 2023 Martin Hauke - Update to version 2.63.0
* Command line option to ignore SSL Labs errors (-ignore-ssl-labs-errors)
* Better checks for non-resolvable hosts
* Thu Mar 16 2023 Martin Hauke - Update to version 2.62.0
* Fixed the output in case of timeout
* Fixed the ciphers with --rsa- Update to version 2.61.0
* Fixed the algorithms used by --rsa
* Wed Feb 15 2023 Martin Hauke - Update to version 2.60.0
* Hot fix for version 2.59 (bug fix for --ignore-host-name)- Update to version 2.59.0
* Fixes --ignore-host-cn behaviour with --match
* Mon Jan 16 2023 Martin Hauke - Update to version 2.58.0
* Added the option --security-level
* Added an option to ignore header problems with --all and - -all-local (--ignore-http-headers)
* Sun Dec 04 2022 Martin Hauke - Update to version 2.57.0
* Support for DNS over TLS
* Wed Nov 30 2022 Martin Hauke - Update to version 2.56.0
* New command line option --path
* Fri Nov 25 2022 Martin Hauke - Update to version 2.55.0
* Java KeyStore checks
* Bug fixes in the TDS checks
* Thu Oct 20 2022 Martin Hauke - Update to version 2.54.0
* Java KeyStore checks
* Bug fixes in the TDS checks
* Wed Oct 19 2022 Martin Hauke - Update to version 2.53.0
* Implemented a check for MS SQL (Tabular Data Stream, TDS)
* Fixed a bug in the date computations with Perl
* Thu Oct 06 2022 Martin Hauke - Update to version 2.52.0
* Removed spurious debugging output- Update to version 2.51.0
* Fixed a bug in the chain checks- Update to version 2.50.0
* Additional checks for the certificate chain (see --check-chain)
* Tue Sep 27 2022 Martin Hauke - Update to version 2.49.0
* The plugin is working without nmap (with some limitations)
* Fixed a bug in the processing of the --nmap-bin option
* Sun Sep 25 2022 Martin Hauke - Update to version 2.48.0
* Fixes the parsing of --require-no-http-header
* Sat Sep 24 2022 Martin Hauke - Update to version 2.47.0
* New options to check HTTP headers (see --help)
* Options can now be specified in a configuration file. (see README.md).
* Fixed a bug in the total certificate validity check if - -precision is specified.
* Tue Sep 20 2022 Martin Hauke - Update to version 2.46.0
* The maximum validity check is performed only for HTTPS, files or if the --maximum-validity option is specified.
* Mon Sep 19 2022 Martin Hauke - Update to version 2.45.0
* Checks the maximum certificate validity.
* Tue Sep 13 2022 Martin Hauke - Update to version 2.44.0
* Fixed a problem with grep 3.8
* Added --grep-bin to specify the grep binary to be used
* Added --debug-headers to store the HTTP headers in the headers.txt file
* Fri Sep 09 2022 Martin Hauke - Update to version 2.43.0
* Rewrote the HTTP security header checks (see documentation)
* Fixed a bug when parsing certificates without purpose
* Wed Sep 07 2022 Martin Hauke - Update to version 2.42.0
* Disable checks with nmap if a proxy is specified
* Added --require-x-frame-options to check for the X-Frame-Options header- Update to version 2.41.0
* Fixed the parsing of UTF-8 certificate subjects
* Better OpenSSL error handling
* Fixed the HSTS check- Update to version 2.40.0
* Fixed the parsing of the signature algorithm- Update to version 2.38.0
* Fixed the handling of --ignore-connection-problems- Update to version 2.37.0
* New option --require--hsts to check for HTTP Strict Transport Security- Update to version 2.36.0
* New option --user-agent to specify the user agent used by curl and by OpenSSL for HTTPS connections
* Sat Jul 16 2022 Martin Hauke - Update to version 2.35.0
* Better error handling
* Better handling of IPv6 addresses
* Wed Jul 06 2022 Martin Hauke - Update to version 2.34.0
* If x509 -ext is not supported no info on the certificate purpose is extracted
* Fri Jul 01 2022 Martin Hauke - Update to versino 2.33.0
* Added DNSSEC checks
* Sat Jun 18 2022 Martin Hauke - Update to version 2.32.0
* Added checks for the certificate purpose- Update to version 2.31.0
* Fixed a problem with Prometheus output
* Thu Jun 02 2022 Martin Hauke - Update to version 2.30.0
* Fixed a bug in the prometheus output
* Thu May 26 2022 Martin Hauke - Update to version 2.29.0
* Support for DTLS
* Default ports for XMPP
* Mon May 09 2022 Martin Hauke - Require \"bc\" since it is now a requirement for some checks.
* Thu Apr 28 2022 Martin Hauke - Update to version 2.27.0
* Fixed a bug with the ciphers check with older nmap versions
* Fixed a bug in the display of the expiration date
* Wed Apr 13 2022 Martin Hauke - Update to versino 2.25.0
* Caching of the host names to be used with bash completion
* Wed Apr 06 2022 Martin Hauke - Update to version 2.24.0
* Fixes a problem with timeouts and SSL Labs
* Wed Mar 30 2022 Martin Hauke - Update to version 2.23.0
* An Unknown status is only returned for plugin-internal issues
* Fixes a bug when the specified --match is an IP address
* Sun Mar 13 2022 Martin Hauke - Update to version 2.22.0
* The protocol is shown in the output
* Processes files with .pkcs12 extension
* Display all the unmatched common names
* Thu Feb 24 2022 Martin Hauke - Update to version 2.21.0
* New option: --quiet
* The checked host and port are displayed in the output
* Better documnentation of the --format option
* Fri Feb 04 2022 Martin Hauke - Update to version 2.20.0
* adding the reason of the timeout to the error message- Update to version 2.19.0
* --file now accepts URIs (e.g., http://, https://, ftp://, file://, ...)
* Added input validation for integers and floats
* Wed Jan 12 2022 Martin Hauke - Update to version 2.18.0
* Use the same number format for the perfomance data as the given critical or warning values (e.g., rational numbers).
* Mon Dec 27 2021 Martin Hauke - Update to version 2.17.0
* Fixed several issues when specifying a numeric IPv6 address
* Checking the whole chain with STARTTLS- Update to version 2.16.0
* Remove the trailing . from FQDNs
* Fixed a problem with self signed certificates
* Sun Dec 19 2021 Martin Hauke - Update to version 2.15.0
* Error if HTTP/2 is requested but not offered by the server
* SSL 2.0 and SSL 3.0 disabled by --all and --all-local- Update to version 2.14.0
* Added an option --info to print certificate information
* Fixed a bug causing an unnecessary scan when checking for disallowed protocols
* Fixed the IPv6 checks when ipconfig is not available
* Thu Nov 25 2021 Martin Hauke - Update to version 2.13.0
* Fixed a bug in the processing of error messages
* Handling of root certificates in DER format
* Fixed the nmap cipher check for hosts which are not discoverable
* Thu Nov 18 2021 Martin Hauke - Update to version 2.12.0
* Improved verbose messages
* Thu Nov 11 2021 Martin Hauke - Update to version 2.11.0
* Works with OpenSSL 3.0.0
* Fixes a bug in the processing of certificate issuers containing commas
* Mon Oct 25 2021 Martin Hauke - Update to version 2.10.4
* Fixes the organisation check- Update to version 2.10.3
* Fixes --rsa on systems not supporting PSS
* Uses mktemp if available (the workaround is only used if not available for speed reasons)
* Sun Oct 17 2021 Martin Hauke - Update to version 2.10.2
* Improved the certificate chain check of local bundles
* Wed Oct 13 2021 Martin Hauke - Update to version 2.10.1
* Fixed the certificate chain check.- Update to version 2.10.0
* Checks the certificate chain integrity.
* Does not accept certificates without SANs (use - -allow-empty-san to ignore).
* Bug fix in the handling of errors while fetching certificates.
* Allows a check on invalid FQDNs containing an underscore.- Update to version 2.9.1
* Accepts certificates without subject alternative names.
* Added an option (--debug-time) to print the elapsed time in the debugging output.- Update to version 2.9.0 The --skip-element option can now be specified multiple times. and specifies to skip a single element of the certificate chain.
* Wed Sep 29 2021 Martin Hauke - Update to version 2.8.0
* Adds a check for acceptable client certificate CAs ( (--require-client-cert [list]))
* Supporting certificate expiration after 2038-01-19 on 32 bit systems.
* Adds an option (--ignore-connection-problem) to set a custom state in case of connection failures.
* Adds two options to selectively disable proxy setting for cURL and s_client (--no-proxy-curl and --no-proxy-s_client).
* Wed Sep 22 2021 Martin Hauke - Update to version 2.6.1
* Fixed the output of several messages
* Fixed the order of the critical messages
* Fixed a problem when checking a local CRL (no STC checks and automatic conversion from DER format)
* Fixed a problem with the tests with IPv6
* Fixed a problem when checking a local certificate (does not try to connect to localhost to check for renegotiation)
* Sun Sep 19 2021 Martin Hauke - Update to version 2.6.0
* Added the --prometheus command line option to generate output for Prometheus/OpenMetrics
* Automatically assume localhost if --file is specified
* Thu Sep 16 2021 Martin Hauke - Update to version 2.5.2
* Fixed the output in case or multiple errors
* Fixed the detection of server internal errors by OCSP checks
* Fri Aug 27 2021 Martin Hauke - Update to version 2.4.2
* Fixed the handling of IP addresses
* Thu Aug 19 2021 Martin Hauke - Update to version 2.4.1
* Fixed the handling of --file and --cn- Update to version 2.4.0
* Support DANE TLSA 312
* Tue Aug 17 2021 Martin Hauke - Update to version 2.3.8
* fixed the parsing of the \"--cn\" command line option and improved the validation of the specified hostname
* Tue Jul 13 2021 Martin Hauke - Udpate to version 2.3.7
* Bug fix: performance data is no more shown by critical and warning message when --no-perf is specified
* Mon Jun 28 2021 Martin Hauke - Udpate to version 2.3.6
* Bug fix: symbolic links are followed- Udpate to version 2.3.5
* Bug fix: correct parsing of file(1) output- Udpate to version 2.3.4
* Stop the SSL Labs checks after an error- Udpate to version 2.3.3
* Speedup the offered ciphers check
* Fri Jun 04 2021 Martin Hauke - Udpate to version 2.3.2
* Bug fix: always uses the specifies OpenSSL binary and respects the specified IP version.- Udpate to version 2.3.0
* Added the --debug-file option- Udpate to version 2.2.0
* Bug fix: --debug does not store any information in $TMPDIR anymore
* To locally store the retrieved certificates in debug mode the option --debug-cert has to be specified
* Thu May 06 2021 Martin Hauke - Update to version 2.1.4
* Bug fix in the handling of Qualy\'s SSL Lab command line options
* Bug fix in the Qualy\'s SSL Lab check of non-reachable machines
* Add domain if FQDN is missing
* Thu Apr 29 2021 Martin Hauke - Update to version 2.1.0
* Added an option to hide performance data
* Fixed a bug in the critical and warning output when the CN is not available
* Wed Apr 07 2021 Martin Hauke - Update to version 2.0.1
* Bug fix in the TLS renegotiation check
* Fri Apr 02 2021 Martin Hauke - Update to versin 2.0.0
* The host name must now always match with the certificate.
* Fixed the man page, README.md and --help output (some options were missing).
* Short options can be grouped (e.g., -vs -c 10 -w 15).
* Different verbosity levels can be specified (-v can be used more than once).
* Added the --resolve option to specify a custom IP for the checked host.
* Sun Mar 28 2021 Martin Hauke - Update to versin 1.146.0
* Added --all to enable oll the optional checks.
* Fixed a bug in the processing of client certificate requirements.
* Improved the error handling in case a TLS connection is not possible.- Update to versin 1.145.0
* Bug fix in the OpenSSL version parsing.
* Sun Mar 14 2021 Martin Hauke - Update to versin 1.144.0
* Added a function to compare OpenSSL versions.
* Fri Mar 12 2021 Martin Hauke - Update to versin 1.143.0
* Checks ciphers with nmap (--check-ciphers and - -check-ciphers-warnings)
* Better handling of the timeout
* Checks oll the supplied OCSP URIs
* Wed Mar 10 2021 Martin Hauke - Update to versin 1.142.0
* Improved the TLS renegotiation check
* Added --password to specify a password source for PCKS12 certificates
* Tue Mar 09 2021 Martin Hauke - Update to versin 1.141.0
* Do not check SCTs if the certificate is self signed
* Fixed the processing of --inetproto
* Supports local PCKS #12 and DER formatted certificates
* Sun Feb 28 2021 Martin Hauke - Update to version 1.140.0
* Fixed a bug in the SCT check- Update to version 1.139.0
* Fixes the TLS renegotiation check- Update to version 1.138.0
* Checks for TLS renegotiation (which should not be supported)
* Thu Feb 18 2021 Martin Hauke - Update to version 1.137.0
* Added the --url option to specify the URL for the HTTP request
* Tue Feb 16 2021 Martin Hauke - Update to version 1.136.0
* Fixed the ignored SCT option
* Thu Jan 28 2021 Martin Hauke - Update to version 1.135.0
* Checks for signed certificate timestamps (STCs)- Update to version 1.134.0
* Support for Alpine Linux and BusyBox
* Tue Jan 26 2021 Martin Hauke - Update to version 1.133.0
* Support for BusyBox date
* --date option to specify which date binary to use
* Tue Jan 19 2021 Martin Hauke - Update to version 1.132.0
* Timeouted subprocesses can now be interrupted
* Revokation via CRL can be checked with the --crl option
* Better error messages for DH with small keys and handshake failures
* Fri Jan 15 2021 Martin Hauke - Update to version 1.131.0
* Checks revocation on all the certificare chain elements
* Thu Jan 14 2021 Martin Hauke - Update to version 1.130.0
* Retries when SSL Labs runs at full capacity
  
ICM