HTTPS service
When this service has a scan interval of less than 5 minutes, the agent may take longer than the scan interval to gather the metrics. As a result, you may notice some scan intervals are not populated.
The HTTPS service monitors all of the scan details of the HTTP service and the validity and expiry date of an SSL certificate on a device.
You can monitor the scan details for the SSL certificates only if the certificates have been signed by a CA that has been uploaded in N-able N-central or is listed in the default CA certificate file provided by N-able N-central. For more information on uploading a certificate, see Uploading a certificate.
The HTTPS service does not currently provide the ability to interact with web sites that use self-signed certificates.
When performing Regex matching, the service looks at the whole web response, including the HTTP/HTTPS header and the page content, not only the page content.
The HTTPS service also includes WTSS functionality that monitors the specific content on a web site over a secure web connection by searching for a matching regular expression. For example, you can monitor the availability of specific content on an e-commerce site that uses a database driven architecture. The results from monitoring are displayed on the status dashboard under the HTTP service. If specified, the results can also be provided in any notifications triggered by the service.
If an HTTP URL redirects to HTTPS, then the content verification of compressed connections will fail.
The N-able N-central HTTPS service does not support forms-based authentication.
| Service Type | TCP |
| Instances on a Device | 20 |
| Device Class | Server - Generic, Other, Printer, Scanner/Camera, Switch/Router, Workstation - Windows, Workstation - Generic, and Server - Windows |
| Monitored By | Windows probe, N-able N-central server |
| Scan Interval | 5 minutes |
| Minimum Scan Interval | 1 minute |
| Timeout Value | The time that the N-able N-central server waits before considering the test a failure. The default is 30 seconds. |
| Port Number | 443 |
| HTTPS URL | The URL used to test the availability of the web server. For example:
A partial URL is accessed using the network address of the web server. When setting up the URL, an issue occurs if the first portion of the relative URL can be resolved by the monitoring device as a domain name. For example, if you were monitoring https://192.168.1.1/example.com/index.html, and only provided the relative URL /example.com/index.html, the monitoring device will determine that the first portion is a domain name and assume an absolute URL was provided. As a workaround, you can configure the HTTPS service with the absolute URL manually. |
| Login Username | The username used to sign in to the designated URL. You can use the Login Username for latency testing, but you do not need to configure it if the web page does not require credentials. |
| Login Password | The security password used to sign in to the designated URL. You can use the Login Password for latency testing, but you do not need to configure it if the web page does not require credentials. |
| Authentication Scheme | The security authentication scheme used by the designated URL for determining if requests are valid or not. Configure this property using one of:
|
| Normal Response Code | The codes in the response header that indicate a Normal state. |
| Warning Response Code | The codes in the response header that indicate a Warning state. Any codes in the response header that are not configured as either a Normal Response Code or a Warning Response Code will result in the service being transitioned into a Failed state. |
| Content Verification Regular Expression | The regular expression used to find a specific match in the content on the web page. For example: The page cannot be displayed. Content Validation Failure! If an HTTP URL redirects to HTTPS, then the content verification of compressed connections will fail. |
| Status Detail | Description |
|---|---|
| HTTPS Service Availability | The availability of a web server based on the response code returned by the HTTPS response header. This will appear as Failed if the a CA certificate of the Web server has not been uploaded or if it is not in the default a CA certificate file. |
| Round Trip Time (ms) | The time for a request to be sent and received. |
| DNS Resolution | The FQDN and IP address that determines whether the device name can be resolved. If an FQDN has been specified, the service searches for its IP address. If the IP address is found, the state will be Normal. Otherwise, it will be Failed, based on the default settings. If an IP address has been specified, the service checks only the IP address' format. If the format is correct, the state will be Normal. Otherwise, it will be Failed, based on the default settings. |
| Server Certificate Signature | The validity of the SSL certificate, indicated as either valid or invalid. |
| Server Certificate Expiration (days) | The number of days remaining before the expiration of the SSL certificate. |
| Content Verification Regular Expression | The regular expression that triggers the status for the matched contents on the Web page. Content Validation Failure! If an HTTP URL redirects to HTTPS, then the content verification of compressed connections will fail. |
HTTP Status code definitions to HTTPS service availability
The three possible values for HTTPS Service Availability (Normal: 1, Warning: 2, and, Failed: 0) are based on HTTP Status Code Definitions. RFC 2616 'Hypertext Transfer Protocol -- HTTP/1.1' defines the protocol referred to as "HTTP/1.1". This protocol includes more stringent requirements than HTTP/1.0 in order to ensure reliable implementation of its features.
Normal
By default, N-able N-central evaluates the following "HTTP or HTTPS Status Code Definitions" as
Normal (HTTP or HTTPS Service Availability 1):
| Status Code | Definition | RFC Description | HTTP or HTTPS Service Availability |
|---|---|---|---|
| 100 | Continue | RFC 2616 Section 10.1.1 | Normal (1) |
| 101 | Switching Protocols | RFC 2616 Section 10.1.2 | Normal (1) |
| 200 | OK | RFC 2616 Section 10.2.1 | Normal (1) |
| 201 | Created | RFC 2616 Section 10.2.2 | Normal (1) |
| 202 | Accepted | RFC 2616 Section 10.2.3 | Normal (1) |
| 203 | Non-Authoritative Information | RFC 2616 Section 10.2.4 | Normal (1) |
| 204 | No Content | RFC 2616 Section 10.2.5 | Normal (1) |
| 205 | Reset Content | RFC 2616 Section 10.2.6 | Normal (1) |
| 206 | Partial Content | RFC 2616 Section 10.2.7 | Normal (1) |
Warning
By default, N-able N-central evaluates the following 'HTTP Status Code Definitions' as Warning (HTTP or HTTPS Service Availability 2):
| Status Code | Definition | RFC Description | HTTP or HTTPS Service Availability |
|---|---|---|---|
| 300 | Multiple Choices | RFC 2616 Section 10.3.1 | Warning (2) |
| 301 | Moved Permanently | RFC 2616 Section 10.3.2 | Warning (2) |
| 302 | Found | RFC 2616 Section 10.3.3 | Warning (2) |
| 303 | See Other | RFC 2616 Section 10.3.4 | Warning (2) |
| 304 | Not Modified | RFC 2616 Section 10.3.5 | Warning (2) |
| 305 | Use Proxy | RFC 2616 Section 10.3.6 | Warning (2) |
| 306 | (Unused) | RFC 2616 Section 10.3.7 | Warning (2) |
| 307 | Temporary Redirect | RFC 2616 Section 10.3.8 | Warning (2) |
Failed
By default, N-able N-central evaluates the following 'HTTP Status Code Definitions' as Failed (HTTP or HTTPS Service Availability 0):
| Status Code | Definition | RFC Description | HTTP or HTTPS Service Availability |
|---|---|---|---|
| <Unspecified> | <Unspecified> | Any value not previously specifed as 'Normal (1)' or 'Warning (2)' Failed: 0 | Failed (0) |
| 400 | Bad Request | RFC 2616 Section 10.4.1 | Failed (0) |
| 401 | Unauthorized | RFC 2616 Section 10.4.2 | Failed (0) |
| 402 | Payment Required | RFC 2616 Section 10.4.3 | Failed (0) |
| 403 | Forbidden | RFC 2616 Section 10.4.4 | Failed (0) |
| 404 | Not Found | RFC 2616 Section 10.4.5 | Failed (0) |
| 405 | Method Not Allowed | RFC 2616 Section 10.4.6 | Failed (0) |
| 406 | Not Acceptable | RFC 2616 Section 10.4.7 | Failed (0) |
| 407 | Proxy Authentication Required | RFC 2616 Section 10.4.8 | Failed (0) |
| 408 | Request Timeout | RFC 2616 Section 10.4.9 | Failed (0) |
| 409 | Conflict | RFC 2616 Section 10.4.10 | Failed (0) |
| 410 | Gone | RFC 2616 Section 10.4.11 | Failed (0) |
| 411 | Length Required | RFC 2616 Section 10.4.12 | Failed (0) |
| 412 | Precondition Failed | RFC 2616 Section 10.4.13 | Failed (0) |
| 413 | Request Entity Too Large | RFC 2616 Section 10.4.14 | Failed (0) |
| 414 | Request-URI Too Long | RFC 2616 Section 10.4.15 | Failed (0) |
| 415 | Unsupported Media Type | RFC 2616 Section 10.4.16 | Failed (0) |
| 416 | Requested Range Not Satisfiable | RFC 2616 Section 10.4.17 | Failed (0) |
| 417 | Expectation Failed | RFC 2616 Section 10.4.18 | Failed (0) |
| 500 | Internal Server Error | RFC 2616 Section 10.5.1 | Failed (0) |
| 501 | Not Implemented | RFC 2616 Section 10.5.2 | Failed (0) |
| 502 | Bad Gateway | RFC 2616 Section 10.5.3 | Failed (0) |
| 503 | Service Unavailable | RFC 2616 Section 10.5.4 | Failed (0) |
| 504 | Gateway Timeout | RFC 2616 Section 10.5.5 | Failed (0) |
| 505 | HTTP Version Not Supported | RFC 2616 Section 10.5.6 | Failed (0) |
Status Code 401: before the release of 2023.4, Status Code 401 was categorized as "Normal". From 2023.4 onwards Status Code 401 is categorized as "Failed".