CMK version 2.1.0 Raw edition
Client os version Server 2019
Error: [agent] Error establishing TLS connectionCRIT , Got no information from hostCRIT , execution time 0.0 sec
The connection was fine before i registered the host. I’ve restarted the Check_MK service. I’ve checked if the program is listening with Netstat. I did not receive any errors when registering the host. As a test the Windows firewall is disabled.
The fortigate has an all rule from the CheckMK server to the host and from the Host to the CheckMK rule. I believe this only has to be TCP 6556 normally and TCP 8000 to register the host?
After the upgrade + successful registration of the agent, the communication between the distributed server and the server to monitor is broken:
[agent] Communication failed: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:2633)CRIT, Got no information from hostCRIT, execution time 0.0 sec
I just tested with a Linux (debian 11) and there it works just fine…
I’ve resolved the issue by the way. The reason why i was getting these errors is because I had net set up HTTPS on the checkmk site yet. This is needed in order for the SSL communication to work.
@jlagendijk , my website is already in https.
Maybe my self signed certificate from my CA isn’t properly set but no browsers are complaining of it
WARN [cmk_agent_ctl::modes::pull] [xxxxx]:39958: Request failed. (invalid peer certificate contents: invalid peer certificate: MissingOrMalformedExtensions)
I didn’t even sign my Self Signed Certificate through a CA because there is no CA (yet) at this organisation. I’ve simply distributed the Self Sign Certificate as a trusted root certificate authority to all my monitored servers/hosts through GPO.
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.
