added option -I (--insecure) to disable certificate validation

README.md

@@ -16,7 +16,7 @@ Executing `./check_http_json.py -h` will yield the following details:
 
 ```
 usage: check_http_json.py [-h] [-d] [-s] -H HOST [-P PORT] [-p PATH]
-                          [-t TIMEOUT] [-B AUTH] [-D DATA] [-A HEADERS]
+                          [-t TIMEOUT] [-B AUTH] [-D DATA] [-A HEADERS] [-I]
                           [-f SEPARATOR]
                           [-w [KEY_THRESHOLD_WARNING [KEY_THRESHOLD_WARNING ...]]]
                           [-c [KEY_THRESHOLD_CRITICAL [KEY_THRESHOLD_CRITICAL ...]]]
@@ -44,6 +44,7 @@ optional arguments:
   -D DATA, --data DATA  The http payload to send as a POST
   -A HEADERS, --headers HEADERS
                         The http headers in JSON format.
+  -I, --insecure        Do not validate certificates
   -f SEPARATOR, --field_separator SEPARATOR
                         Json Field separator, defaults to "." ; Select element
                         in an array with "(" ")"
@@ -81,6 +82,7 @@ optional arguments:
                         formats for this parameter are: (key[>alias]),
                         (key[>alias],UnitOfMeasure),
                         (key[>alias],UnitOfMeasure,WarnRange,CriticalRange).
+
 ```
 
 ## Examples

check_http_json.py

@@ -7,9 +7,10 @@ Generic Nagios plugin which checks json values from a given endpoint against arg
 and determines the status and performance data for that service.
 """
 
-import httplib, urllib, urllib2, base64
+import urllib2, base64
 import json
 import argparse
+import ssl
 import sys
 from pprint import pprint
 from urllib2 import HTTPError
@@ -276,6 +277,7 @@ def parseArgs():
 	parser.add_argument('-B', '--basic-auth', dest='auth', help='Basic auth string "username:password"')
 	parser.add_argument('-D', '--data', dest='data', help='The http payload to send as a POST')
 	parser.add_argument('-A', '--headers', dest='headers', help='The http headers in JSON format.')
+	parser.add_argument('-I', '--insecure', dest='insecure', help='Do not validate certificates', action='store_true')
 	parser.add_argument('-f', '--field_separator', dest='separator',
 		help='Json Field separator, defaults to "." ; Select element in an array with "(" ")"')
 	parser.add_argument('-w', '--warning', dest='key_threshold_warning', nargs='*',
@@ -405,6 +407,12 @@ if __name__ == "__main__":
 	if args.path: url += "/%s" % args.path
 	debugPrint(args.debug, "url:%s" % url)
 	# Attempt to reach the endpoint
+
+	ctx = ssl.create_default_context()
+	if args.insecure:
+		ctx.check_hostname = False
+		ctx.verify_mode = ssl.CERT_NONE
+
 	try:
 		req = urllib2.Request(url)
 		req.add_header("User-Agent", "nagios-http-json")
@@ -417,13 +425,13 @@ if __name__ == "__main__":
 			for header in headers:
 				req.add_header(header, headers[header])
 		if args.timeout and args.data:
-			response = urllib2.urlopen(req, timeout=args.timeout, data=args.data)
+			response = urllib2.urlopen(req, timeout=args.timeout, data=args.data, context=ctx)
 		elif args.timeout:
-			response = urllib2.urlopen(req, timeout=args.timeout)
+			response = urllib2.urlopen(req, timeout=args.timeout, context=ctx)
 		elif args.data:
-			response = urllib2.urlopen(req, data=args.data)
+			response = urllib2.urlopen(req, data=args.data, context=ctx)
 		else:
-			response = urllib2.urlopen(req)
+			response = urllib2.urlopen(req, context=ctx)
 	except HTTPError as e:
 		nagios.append_unknown("HTTPError[%s], url:%s" % (str(e.code), url))
 	except URLError as e: