Edit: Actually this is not really a fix because since “2.1.0” one is supposed to “For this reason, you should disable the built-in encryption promptly after switching to TLS”
I don’t know how to reproduce. But I had the same problem. Since it’s just a private non critical instance I modified the “./etc/check_mk/conf.d/wato/rules.mk” file of my site.
From:
agent_encryption = [
{'id': '21421d83-dc28-446e-a6b0-42be6618ee3c', 'value': {'use_realtime': 'enforce', 'passphrase': 'XXX'}, 'condition': {}, 'options': {'disabled': False}},
] + agent_encryption
To:
agent_encryption = [
{'id': '21421d83-dc28-446e-a6b0-42be6618ee3c', 'value': {'use_regular': 'enforce', 'use_realtime': 'enforce', 'passphrase': 'XXX'}, 'condition': {}, 'options': {'disabled': False}},
] + agent_encryption
Before I tried just recreating the rule from the UI. Tho I didn’t activate after deletion…
Hope this at least helps some people to fix it.