Securing the web interface with HTTPS

Checkmk Manual
Last updated: March 13 2017

Search in the manual

1. Prerequisites

If you wish to install Checkmk over HTTPS the following prerequisites must be satisfied on your monitoring server – irrespective of your instances:

  • You must have a valid server certificate.
  • The server is reachable under HTTPS.
  • The Rewrite-Module for the webserver is available or loaded.

2. Configuring an HTTPS-connection for an instance

In the configuration file, amend the section for the VirtualHost:

RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}/$1 [L]

The VirtualHost-configuration is found – depending on the distribution being used – in these files:

Debian, Ubuntu /etc/apache2/sites-enabled/000-default(.conf)
RHEL, CentOS /etc/httpd/conf.d/welcome.conf
SLES /etc/apache2/httpd.conf

Following a configuration change the webserver must be restarted – the restart commands are different for each distribution:

root@linux# service httpd restart
root@linux# service apache2 restart
root@linux# systemctl restart httpd
root@linux# systemctl restart apache2