What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags

View all Tags

Feature Request: Make the SSL Certificate Sensor use the Device's Proxy configuration.



Want this feature implemented, too? Please upvote by clicking Thumbs up!

(Posts as a reply won't be published in this feature request thread. Read Me!)

User story

As a PRTG user, I would like to have the SSL Certificate sensor use a Proxy, as other web based sensors can/do.

Details of user story

Like other sensors that need access to websites externally, and need to go through a proxy, add this feature to the SSL Certificate sensor.

I see that this could have 3 options:

- Proxy Off - This would be the default, so current sensors do not need to be reconfigured when the sensor is upgraded, or new ones created to monitor local Certificates.

- Use Inherited Proxy Setting - As per other current sensors.

- Use these Proxy Settings - To allow local override for this specific sensor and have the fields needed.

Acceptance criteria

  • Criterion #1 - The SSL Certificate sensor can be configured, as per other sensors, to use a proxy for communications.
  • Criterion #2 - The certificate being tested is the destination certificate and not the Proxy's certificate.



Some Background

We had a website that was on-prem and we have just moved it to the cloud. We were monitoring the Certificate successfully via the SSL Certificate sensor. This worked fine while on-prem, but I am getting the error "Failed to establish secure connection" now the site is in the cloud and the sensor needs to go through a Proxy to access it.

I have worked through the KB Article "How can I configure the WinHTTP proxy settings for the SSL Certificate sensor?". Which has not worked for me. Even after the server reboot. Using PRTG v21.4.72.1649+ on Windows 2012R2.

On a side note: You have to be careful to include the proxy bypass option if you use SCCM. WinHTTP is used to connect for updates and will stop working without one.

I have done some investigation. The proxy is not seeing any traffic from the probe for this sensor, other sensors that have a proxy setting are working.

Delving deeper I turned on the WinHTTP Event Trace Log and captured a sensor scan and the first thing I notice is the process is making a request to DNS to resolve the name of the website used in the sensor. Which means it is not using the proxy, if it was the probe would not be doing the DNS request it would send off the request to the proxy and let the proxy handle DNS resolution etc.

Cheers Jim

add-feature prtg-kbtracker sensor ssl-certificate

Created on Dec 2, 2021 3:06:56 AM


Nobody has replied yet

Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.