Class SSLCertMonitor

  • All Implemented Interfaces:
    ServiceMonitor

    public class SSLCertMonitor
    extends ParameterSubstitutingMonitor
    This class is designed to be used by the service poller framework to test the validity of an SSL certificate on a remote interface. The class implements the ServiceMonitor interface that allows it to be used along with other plug-ins by the service poller framework. It also has some limited support for STARTTLS. You can specify a preliminary message and expected response (optional, but required for some protocols, notably XMPP) as well as the actual STARTTLS verb and the expected response. Assuming the exchanges pass (only the latter is required for all protocols) normal TLS negotiation then takes place to determine certificate expiration validity.
    Author:
    Ronald Roskens, David Schlenk
    • Field Detail

      • LOG

        public static final org.slf4j.Logger LOG
      • PARAMETER_SERVER_NAME

        public static final java.lang.String PARAMETER_SERVER_NAME
        See Also:
        Constant Field Values
      • PARAMETER_STLS_INIT

        public static final java.lang.String PARAMETER_STLS_INIT
        See Also:
        Constant Field Values
      • PARAMETER_STLS_INIT_RESP

        public static final java.lang.String PARAMETER_STLS_INIT_RESP
        See Also:
        Constant Field Values
      • PARAMETER_STLS_START

        public static final java.lang.String PARAMETER_STLS_START
        See Also:
        Constant Field Values
      • PARAMETER_STLS_START_RESP

        public static final java.lang.String PARAMETER_STLS_START_RESP
        See Also:
        Constant Field Values
    • Constructor Detail

      • SSLCertMonitor

        public SSLCertMonitor()
    • Method Detail

      • poll

        public PollStatus poll​(MonitoredService svc,
                               java.util.Map<java.lang.String,​java.lang.Object> parameters)

        This method is the heart of the plug-in monitor. Each time an interface requires a check to be performed as defined by the scheduler the poll method is invoked. The poll is passed the service to check.

        By default when the status transition from up to down or vice versa the framework will generate an event. Additionally, if the polling interval changes due to an extended unavailability, the framework will generate an additional down event. The plug-in can suppress the generation of the default events by setting the suppress event bit in the returned integer.

        NOTE: This method may be invoked on a Minion, in which case certain bean and facilities will not be available. If any state related information is required such as agent related configuration, it should retrieved by the ServiceMonitor.getRuntimeAttributes(MonitoredService, Map).

        Poll the specified address for HTTP service availability. During the poll an attempt is made to connect on the specified port. If the connection request is successful, check the X509Certificates provided by our peer and check that our time is between the certificates start and end time. Provided that the interface's response is valid we set the service status to SERVICE_AVAILABLE and return.
        Parameters:
        svc - Includes details about to the service being monitored.
        parameters - Includes the service parameters defined in poller-configuration.xml and those returned by ServiceMonitor.getRuntimeAttributes(MonitoredService, Map).
        Returns:
        The availability of the interface and if a transition event should be suppressed.
        See Also:
        PollStatus.SERVICE_AVAILABLE, PollStatus.SERVICE_UNAVAILABLE, PollStatus.SERVICE_AVAILABLE, PollStatus.SERVICE_UNAVAILABLE
      • getCalendarInstance

        protected java.util.Calendar getCalendarInstance()