SSL monitoring improvements
Several related ideas:
* please make it so Web Service checks allow detection of expiring SSL certificates, preferably via a parameter in the alert tuning, at least 30 days by default.
* please adjust the SSL_Certs datasource to also check validity. The current script is in a JAR file, so hard to see how to adjust on my end -- it may already have what is needed. We had a cert loaded yesterday with a broken chain, which make it invalid, but the DS happily reported it was expiring in 1110 days during that period.
* same as above, for F5 VIP certificates, if possible (not clear that is exposed via F5 SNMP results)
* the web service check should also report validity, but I think it may already (if SSL errors are detected)
* allow SSL checks against virtual hosts via CN matching and SNI; this would I assume require a special manually configured multi-instance DS like PingMulti?
Thanks!
Mark