Add host certificate monitoring
We currently have unmonitored certificates in production machines, for example:
[root@gratia-main-osg ~]# ll /etc/grid-security/host*.pem
lrwxrwxrwx 1 root root 37 May 6 11:28 /etc/grid-security/hostcert.pem -> gratia-main-osg.fnal.gov-hostcert.pem
lrwxrwxrwx 1 root root 36 May 6 11:27 /etc/grid-security/hostkey.pem -> gratia-main-osg.fnal.gov-hostkey.pem
I don't see any alert on check_mk:
Sensors need to be deployed for check_mk. IMO a good way to do this would be to have whichever puppet class deploys certificates include a class that installs the certificate monitoring check.