Werk #18641: TLS certificate verification added to special agent Zerto
| Component | Checks & agents | ||
| Title | TLS certificate verification added to special agent Zerto | ||
| Date | Feb 11, 2026 | ||
| Level | Trivial Change | ||
| Class | New Feature | ||
| Compatibility | Compatible - no manual interaction needed | ||
| Checkmk versions & editions |
|
The Zerto special agent now verifies TLS certificates for its connections by default. New rules added will be required to define if TLS certificate verification must be performed. You can control this setting under Setup > Agents > Other integrations > Zerto > Add rule > TLS certificate validation. TLS certificate validation can be disabled in the cmd interface with --disable-cert-verification.
Additionally, users can change the hostname associated with the certificate by using the Setup > Agents > Other integrations > Zerto > Add rule > TLS certificate validation > Verify TLS certificate > TLS certificate hostname or by using the --cert-server-name hostname command in the cmd interface.
Existing rules will keep TLS certificate verification disabled and will not be updated automatically.
Because TLS verification is now enabled by default for new rules, new connections may fail if the certificates are invalid or self-signed. We recommend reviewing your existing rules and enabling TLS verification where appropriate. If you encounter connection issues after this update, please verify the validity of your TLS certificates or adjust the setting accordingly.