We use cookies to ensure that we give you the best experience on our website.  Visit our Privacy Policy to learn more. If you continue to use this site, we will assume that you are okay with it.

Your choices regarding cookies on this site.
Your preferences have been updated.
In order for the changes to take effect completely please clear your browser cookies and cache. Then reload the page.

Securing the web interface with HTTPS

Checkmk Manual
Last updated: December 4 2019

Search in the manual

1. Prerequisites

If you wish to install Checkmk over HTTPS the following prerequisites must be satisfied on your monitoring server – irrespective of your instances:

  • You must have a valid server certificate.
  • The apache module mod_ssl is installed and activated.
  • The server is reachable under HTTPS.
  • The Rewrite-Module for the webserver is available and loaded.

2. Configuring an HTTPS-connection for an instance

Add the following lines in the section for the VirtualHost:

/etc/apache2/sites-enabled/000-default
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}/$1 [L]
RequestHeader set X-Forwarded-Proto "https"

The VirtualHost-configuration is found in these files – depending on the distribution being used:

Debian, Ubuntu /etc/apache2/sites-enabled/000-default(.conf)
RHEL, CentOS /etc/httpd/conf.d/ssl.conf
SLES /etc/apache2/httpd.conf

Following a configuration change the webserver must be restarted. The restart commands are different for each distribution:

root@linux# service httpd restart
root@linux# service apache2 restart
root@linux# systemctl restart httpd
root@linux# systemctl restart apache2