SSLError for HTTPS module

Question

LogicMonitor is telling me that one of my FortiGate firewalls, which uses a self signed cert for the GUI, is giving a couple of errors.&nbsp; One error was "days remaining" for the SSL certificate and the other is just this generic "SSLError".&nbsp; I went into the FortiGate and renewed the self signed cert for the GUI and that cleared up the "days remaining" error but the generic "SSLError" persists.&nbsp; I'm not quite sure what's throwing the error so I'm not really sure what to do to resolve it.&nbsp; Suggestions?

mike_moniz · Answer

Looking at the HTTPS datasource, the SSLError datapoint will alert if the value is 6. Looking at https://www.logicmonitor.com/support/logicmodules/datasources/data-collection-methods/webpage-httphttps-data-collection says that is "invalid SSL certificate" so still looking like a cert issue. The HTTPS check should work fine with self-signed certs (does here), so I would guess perhaps the options when it was regenerated are the issue? Like perhaps it uses an old algorithm or an invalid subject?
I would try looking at the cert details in a browser to look at it in more detail.

lewis_beard · Answer

I wonder if there is any chance his server does a redirect. We had some issue where SSL Certs datasource was trying to look at the site LM had but that site actually redirected to somewhere else, but the datasource doesnt care. So we had some issues due to the SSL cert datasource not taking that into account. Probably not related, its just the only thing I have that could help OP. I guess I should have replied to him. :) Oh well, he will see the extra post count surely. :)

kirby_timm · Answer

Could be that it's because it looks like some other built in certs are expiring next month.&nbsp; I'll put it through a change control and run the commands to update the certs and see if that resolves it.

kirby_timm · Answer

I don't think this would be the case.&nbsp; The error wasn't there before I went on PTO, nothing changed while I was out, and the error was there while I came back from PTO.

lewis_beard · Answer

Fair enough. I just remembered that a redirect thing bit us once, when someone changed something on a server we were monitoring, and the redirect was new. Hope you find something soon. Cheers!

Forum Discussion

SSLError for HTTPS module

6 Replies

Recent Discussions

Warning: Linux Collector Upgrades Leaving Collectors Unusable

API endpoint for User Groups?

SSLError for HTTPS module

Occasional Bad Request with API to PATCH users

Any way to grab Threshold data as a variable and add it to a graph?