check_http certificate expiration with SNI

The check_http can be used for many checks, one of them is to check the expiration date of a SSL certificate which can be accessed via HTTPS.

Usually the check is being done like this:
./check_http -H www.michielonline.nl -C 30,60
The -C option checks directly the SSL function, 30 is for the number of days before a critical, 60 is when Nagios begins to alert the warning.

When your server is using multiple HTTPS websites on one IP address, you use SNI (Server Name Indication), see also: https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI

When you use the same Nagios check_http check all websites are responding with the same SSL certificate instead of the right certificate for the HTTPS website.
The check_http check has an extra option: "−−sni"

So if you use SNI on your webserver, the check must also be done with the −−sni option.
The complete line is now as follows:
./check_http -H www.michielonline.nl -C 30,60 --sni
Now, all SSL checks are checked on the name instead of the ip address.

Example output:
./check_http -H www.michielonline.nl -C 30,60 --sni
OK - Certificate 'www.michielonline.nl' will expire on Thu 13 Oct 2016 10:16:00 AM CEST.