What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

2 SSL check issue

Votes:

0

Hi all,

I have several sensors running that checks when a SSL certificate expires.

I get the following error; Warning by lookup value 'No' in Root Authority Trusted - Warning by lookup value 'Unable to check revocation status' in Revoked - -528 # (Days to Expiration) is below the error limit of 7 # in Days to Expiration

I don't understand why I get this error. The certificate is also not expired and It looks like that it checks a self-signed certificate although that should not be possible.

Another issue is with certificates running on a WIndows 2003-server(s) Error that I get ; Failed to establish secure connection [Step 0] Error connecting with SSL. EOF was observed that violates the protocol [Step 1] Error connecting with SSL. EOF was observed that violates the protocol [Step 2] Error connecting with SSL. EOF was observed that violates the protocol [Step 3] Error connecting with SSL. EOF was observed that violates the protocol [Step 4] Error connecting with SSL. EOF was observed that violates the protocol

How can I solve this so I do can check on Windows 2003...

certificate http ssl

Created on Nov 24, 2016 3:21:34 PM



1 Reply

Votes:

0

Hi there,

Thank you for your support request.

To check the revocation status, the Probe running the sensor (PRTG Core Server or Remote Probe) needs internet access in order to check the revocation status. Is this the case?

Regarding your issue on Windows Server 2003, you should be aware that the SSL Certificate sensor will always query it's parent device.
(So for instance, to monitor the certificate for https://www.paessler.com the device's address must be the FQDN www.paessler.com).

Within the sensor's settings you will only need to enter the port (for HTTPS it's usually 443). The sensor also supports SNI, this only needs to be configured if you're using more than one certificate on a single port/address combination.

Best,
Sebastian Kniege [Paessler Support]

Created on Nov 25, 2016 7:26:43 AM by Sebastian Kniege [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.