Is there a way to override the SSL evaluation as part of Web App Availability monitoring?
I’ve got some URLs with self-signed certs that go ‘critical’ - adding them to Trusted Root CAs store on the SCOM Management Servers fixes it, but isn’t very clean.
I realise I can use Web App Transaction monitors instead, and untick the ‘Monitor SSL Health’ box, but then I don’t get the nice Web Availability Test perspective in SqUp.
I would create a group with the objects and disable it for that group. If you want to disable for every instance, it’s just a matter of disable monitor for all object of class
To answer my own question, I don’t think it’s possible to override SSL evaluation for the Web App availability monitor. Adding the self signed certificates to the SCOM management servers in the web monitoring resource pool mostly fixed the issue, but we were getting a certain amount of flappage on the monitors. Setting them to error 3 times before raising an alert seems to have done the trick. Seems a lot of work for when I just want a simple ‘anything other than 200 is an error’!
The URL Genie management pack mentioned by crowdpleaser above looks a useful addition to web monitoring. Thanks for the help guys.
There is a way around this. Go to Internet Options, advanced, security, and UNCHECK warn about certificate name mismatches.
Thanks Ehrnst - is it possible to override the SSL evaluation check for a web app availability monitor though - if so how?!
Not a direct answer to your question so I’m adding this as a Comment, but if you’re working on Web App Availability Monitoring in general, you may find Tyson Paul’s URL Genie Management Pack helpful. It’s not something I have direct experience with but do know a very well respected free, community Management Pack from a leading Microsoft Premier Field Engineer and I noticed it also mentions “some benefits of using this monitor type are: ignore/trust SSL cert (server side)”. Hope this is helpful
Thanks for the tip crowdpleaser - does look a useful management pack, cheers.