check_httpv2: Add ability to check a vhost on an IP/host that differs from the vhost's DNS record

Comments: 10     Oldest | Newest | Most likes | Fewest likes

• 01 Jul, '24
  ggripp

  I have a very similar use case. When monitoring HA websites, it's very useful to check every balance member behind the load balances separately. For this, I need to check the target URL on a specific IP with the corresponding virtual host header.
  
  Please bring back this feature!

  Like 5
• 15 Jul, '24
  Mike

  New plugin is not compatibile with previous one.
  
  This is essential feature.

  Like 3
• 31 Jul, '24
  Klaus

  It would be good if this were also implemented in the certificate check.
  The principle is as follows:
  
  openssl s_client -connect <IP>:443 -servername <vhost>

  Like 3
• 08 Aug, '24
  Gabriel Guillem Barcelo Soteras

  The transition from check_http (v1) to check_httpv2 has been met with criticism due to perceived downgrades in functionality. The deprecation of v1 appears to be premature, as v2 does not offer full feature parity. Consequently, we will remain on version checkmk 2.3 with check_http (v1) and await further developments in v2.
  
  For further details, refer to Checkmk Werk #15515. https://checkmk.com/werk/15515

  Like 2
• 17 Aug, '24
  DM

  Would also be good if the frontend would expose the ability to restrict the check to ipv6 or ipv4 - the plugin already has a --force-ip-version option, but I don't see how to consume it in WATO.

  Like 1
• 05 Sep, '24
  Jamie Murphy

  until check_httpv2 feature matches check_httpv1 it should not be disabled as configuration option in checkmk 2.4.0.
  
  the legacy check was useful for many reasons.
  
  could set the ip to connect to. so if a host has multiple ips and you need to check a http service on a specific ip it would let you override it.
  could set vhost. useful as described above

  Like 2
• 09 Oct, '24
  Lalufu

  In an HTTPS check, there are at least three different host names:
  1. The name which resolves to the IP address to which the TCP connection is established
  2. The name sent by the client in the TLS handshake (the SNI)
  3. The name sent in the HTTP `Host` header
  
  These all _can_ be the same, but they don't have to be, and especially for monitoring at least being able to separate the first two is important. Having the third would be nice.
  
  For generic certificate checks only the first two apply.
  
  Neither of the new `check_httpv2` or `check_cert` checks seem to be able to make this distinction. `check_http` can at least distinguish 1 and 2, although it seems to always use the same value for 2 and 3.
  
  This is causing me some trouble in trying to move away from a very old cmk installation.

  Like 1
• 22 Nov, '24
  Mohamed Saleh Admin

  Hello,
  
  Thank you for your idea. After thorough internal discussion, we’ve decided to plan its implementation for one of the next releases of our software. We look forward to keeping you updated on progress.
  
  At Checkmk we work on ideas based on business needs, customer demand, and resource availability. For strategic reasons, we reserve the right to re-evaluate the priority and/or scope of this feature as new information becomes available. We therefore ask for your understanding that we do not guarantee its implementation.
  
  Warm regards,
  Your Checkmk team

  Like 4
• 09 Jan
  Martin Hirschvogel Admin

  Hello,
  
  Good news! Your idea has been implemented into our software. The functionality is available upstream and will be published with the next major release.
  See for more details: https://checkmk.com/werk/15520
  
  Warm regards,
  Your Checkmk team

  Like 3
• 08 May
  Martin Hirschvogel Admin

  Hello,
  
  This feature is released with Checkmk version 2.4.0.
  
  Warm regards,
  
  Your Checkmk team

  Like