I am having a cascading number of failures, in trying to configure automatic agent updates, or to even get windows hosts to not show bad certs/ssl failures.
Our checkmk website is using https. are we supposed to generate a new/different cert, to use in the config for the automatic agent updates, other than the one used for the website/checkmk server?
There are 6 prerequisites to getting automatic agent updates to work. the only one showing red, is the “Registered agents” requirement.
Once i install the agent on a windows server, add the host to the checkmk website, then run the command string to “register” that windows host on the windows host… i get
: (Caused by SSLError(SSLError(“bad handshake: Error([(‘SSL routines’, ‘’, ‘certificate verify failed’)])”)))WARN , Last update: Feb 09 2024 13:55:28, Agent plugins: 2, Local checks: 0
of course if i try to run the command string for the agent updater on the windows vm, (“C:\Program Files (x86)\checkmk\service\check_mk_agent.exe” updater register -s… etc)
it also fails with a bad handshake, etc:
Trying to import certificate from the server’s certificate chain but found no self-signed certificate or CA certificate. Aborting import.
HTTPSConnectionPool(host=‘****’, port=443): Max retries exceeded with url: /itse_2/check_mk/login.py (Caused by SSLError(SSLError(“bad handshake: Error([(‘SSL routines’, ‘’, ‘certificate verify failed’)])”)))
After 5-6 hours of trying various things i’ve given up and don’t know where to start troubleshooting. Any ideas?