Hello

I didn’t know there was a “certificate” check in netscaler (lol)

I personnaly use the standard x509 certificate check that comes in a separate plugins, and it has a different syntax for alerting :

/usr/lib/centreon/plugins/centreon_protocol_x509.pl --plugin=apps::protocols::x509::plugin --mode=certificate --hostname=10.10.10.1 --port=443 --warning-status='%{expiration} < 30' --critical-status='%{expiration} < 15' --ssl-opt="SSL_verify_mode => SSL_VERIFY_NONE" --custommode=tcp --ssl-ignore-errors

I did a bit of tweaking on the command line to pass a different hostname to the original command and I either pass the fqdn of the netscaler virtual ip, or I put the ip directly

I will try this snmp check for netscaler and see if I have the same bug

hmm yes, I have the same bug, the --critical-days value is not used as a standard value counter  : if above then alert. (usually the case whent you want 80% capcity or %usage), but that is not adapted to a “less than x” value.

I tried a few other variant, like “-15” or some “%{something} < 15”, it’s not working

so you have found a bug, I did look at the code, but it’s the part of the centreon code I can’t make any sense “how you check value against parameters”

as a working alternative, try the x509 pluginpack, and adapt it to your need, I use the check x509 in tcp mode, and I have made a custom command using a custom macro where I put the ip/dns/url I want to check the ssl validity on (you have the command line I used in the post above, you just need to use your own macro)

Looking at issue 588, it appears you need to pass <min>:<max> to the critical and warning threshold. So, using ‘--critical=107:’ will get you a CRITICAL output if your cert has less than 107 days to go.