back to website

Werk #13691: Renew old site certificates during update

Component Setup
Title Renew old site certificates during update
Date Feb 19, 2022
Level Trivial Change
Class New Feature
Compatibility Compatible - no manual interaction needed
Checkmk versions & editions
2.1.0b1 Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)

Older certificates that do not include the server name extension need to be updated in order to support the new agents TLS encryption.

The old certificate is moved to [my_site].pem.bak, and a new one is created. The existing site local root CA, which signed the previous certificate, is used to sign the new certficate. Since the trust between distributed sites is established with the local root CA, no additional action is needed.

To the list of all Werks

The Checkmk logo (formerly known as Check_MK) is a trademark of Checkmk GmbH. ©2026 Checkmk GmbH. All rights reserved.

Join our Checkmk Conference #12 – the hybrid Monitoring Community event in Munich, on June 16-18 – to explore new Checkmk features, best practices, and our roadmap.

Register now