Download

Werk #8647: cmk-update-agent: Fixed certificate verification issues in case openssl tools are not available

Component Agent bakery
Title cmk-update-agent: Fixed certificate verification issues in case openssl tools are not available
Date Dec 15, 2016
Checkmk Edition Checkmk Enterprise (CEE)
Checkmk Version 1.4.0i3
Level Trivial Change
Class Bug Fix
Compatibility Compatible - no manual interaction needed

When communicating via HTTPS with the update server, the cmk-update-agent script needs to verify the certificates of the server. The allowed certificates are stored at /var/lib/check_mk_agent/cas.

In this directory there need to be the certificates (.pem files) and symlinks named with the "subject hashes" of the certificates. In previous versions these symlinks were created by the c_rehash command which is not available on all plaftforms.

We have changed that now to use the python OpenSSL bindings (if available) and fallback to the c_rehash command only in case they are not available.

To the list of all Werks

See it yourself

Try out Checkmk now.

Get the Raw Edition Free and open source monitoring
Play with Checkmk Try Checkmk without installing
Checkmk Conference #10

Join us for the highlight of the year when the Checkmk Community gets together in Munich from June 11-13.

Register now