Werk #13899: Notification spooler: Support for TLS authentication

Komponente Notifications
Titel Notification spooler: Support for TLS authentication
Datum 14.04.2022
Checkmk-Editon Checkmk Enterprise (CEE)
Checkmk-Version 2.2.0i1 2.1.0b9
Level Kleine Änderung
Klasse Sicherheitsfix
Kompatibilität Kompatibel - benötigt kein manuelles Eingreifen

Previously mknotifyd did not authenticate peers. With this Werk mknotifyd can be configured to require TLS client certificate authentication. This is only available if encryption for mknotifyd is configured. In order to verify the peers correctly the corresponding site CAs must be trusted. This is usually the case if you enabled the configuration sync and enabled the encryption of livestatus. If you have another setup make sure both all Site CAs are trusted on each site.

Zur Liste aller Werks