x509check showing all certificates as revoked

gcarey · July 31, 2024, 4:17pm

I’ve configured the plugin to test some certificates with a minimal config (names changed for privacy):

jobs:

  - name: domain1_com
    source: https://domain1.com:443
    check_revocation_status: true

  - name: domain2_com
    source: https://domain2.com:443
    check_revocation_status: true

  - name: domain3_com
    source: https://domain3.com:443
    check_revocation_status: true

When I look at the output panel they all have a value of 0 indicating that they are revoked. I have a script that checks them and they are not on the associated CRL.

Am I missing something basic here?

Thanks!

ilyam8 · August 5, 2024, 9:42am

Hey, @gcarey. What panel are you referring to? 1 is revoked, 0 is not revoked.

gcarey · August 5, 2024, 12:10pm

Yes @ilyam8, normally I would expect 0 to be a good thing. But documentation says that 0 means revoked unless it’s incorrect.

I will admit that I didn’t look at the code (yet).

ilyam8 · August 5, 2024, 2:41pm

@gcarey that is a wrong description, it is the opposite. I updated the chart in 18261. It will have 2 dimensions: revoked and not_revoked. 1 means status is active, 0 inactive.

gcarey · August 5, 2024, 2:55pm

Very good @ilyam8, that makes more sense. Zero should be the good status.

Thank you for your reply and great work!

Topic		Replies	Views
x509check_revocation_status Alerts	0	423	January 28, 2022
X509 certificate plugin gets permission denied Help agent	1	1402	January 21, 2021
Certificate verification error connecting to the cloud General announcement	5	3758	April 30, 2023
Alerts not using the node name, using original ip_XX name Help agent , configuration	10	942	June 25, 2022
RPM repositories broken? Help	4	495	December 22, 2022

x509check showing all certificates as revoked

Related topics