Client Connection Encryption over external Certificates
We have a Company CA, every Host gets a Certificate from this CA.
Is it possible to use this already generated Certificates for the Communication.
The CMK-Site has already the CA in the truststore.
So there are no problems with expiring Certificates or change of CA-Certificate (re-certificating).
Comments: 2
-
22 May, '22
AndyWe have the same problem. In fact Checkmk uses multiple CAs. Ones for the Livestatus connection withs stunnel, one that copies (steals) certificates for the registration and one for the agent update. Now there will be additional ones for the agent running TLS in 2.1
Allowing us the users and admins who knows what kind of certificates we need should have full control of the certificate process. -
02 Sep, '22
Mike1098Same situation here and I fully support that request.