You are browsing a read-only backup copy of Wikitech. The live site can be found at wikitech.wikimedia.org

Monitoring/https unauthorized

From Wikitech-static
Jump to navigation Jump to search

check_https_unauthorized is used to ensure that a specific end point requires authentication. The icinga definition looks as follows

define command {
    command_name    check_https_unauthorized
    command_line    $USER1$/check_http --ssl --sni -I $HOSTADDRESS$ -H $ARG1$ -u $ARG2$ -e "HTTP/1.1 $ARG3$ "
}

So if we have a monitoring::services definition with the following `check_command` then the expectation is that visiting `https://www.example.org/foobar' will return a response containing `HTTP/1.1 401'

"check_https_unauthorized!www.example.org!/foobar!401"

you can manually test this using curl

curl --head -k https://www.example.org/foobar