Checkmk Enterprise Edition 2.3.0p22
The only certificate i so far have is the signed baked agents, how do i refresh them as currently the whole system is showing warnings ?
Time until updater certificate #0 (CN=‘signature’) will expire: 80 days 22 hours (warn/crit below 90 days 0 hours/never)WARN , Time until all updater certificates are expired: 80 days 22 hours (warn/crit below 90 days 0 hours/30 days 0 hours)WARN , Agent plug-ins: 7, Local checks: 0
Hi,
I think this article should be helpful (already linking to the right section): Automatic agent updates - Distribute agents and plug-ins automatically
In the end, you can of course
But in the end you need to refresh the certificate at some point to deal with the problem for good.
Yeah I’m mainly confused as I haven’t yet setup any certs. (I’m guessing in the first post that signing the agent makes some kind of cert?)
And yeah I’m trying to figure out how to update the cert I’ve never made 
I’ll have a look at your link
This article is about updating CA, but i haven’t myself made any CA yet ?
Only the baking signature that I believe it’s warning about ?
This is the issue I’m having, the warnings started shouting 90 days before it’s expiration and now everything is a mess in the generic alert view.
Can this signature key refresh be done better ? can i manually force the updates or should the warning be smaller when it’s actually a problem, i.e. the automatic refresh failed for some reason ?