Now my remote-site (on a centos 8 linux vm in azure) is connected to my main monitoring site. When I try to login to that remote-site i get the following Error:
Internal error: HTTPSConnectionPool(host='monitoring.gemdat.cloud', port=443): Max retries exceeded with url: /Kunden/check_mk/login.py (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])")))
Traceback (most recent call last):
File "/omd/sites/Main/lib/python3/urllib3/contrib/pyopenssl.py", line 488, in wrap_socket
cnx.do_handshake()
File "/omd/sites/Main/lib/python3/OpenSSL/SSL.py", line 1934, in do_handshake
self._raise_ssl_error(self._ssl, result)
File "/omd/sites/Main/lib/python3/OpenSSL/SSL.py", line 1671, in _raise_ssl_error
_raise_current_error()
File "/omd/sites/Main/lib/python3/OpenSSL/_util.py", line 54, in exception_from_error_queue
raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/omd/sites/Main/lib/python3/urllib3/connectionpool.py", line 670, in urlopen
httplib_response = self._make_request(
File "/omd/sites/Main/lib/python3/urllib3/connectionpool.py", line 381, in _make_request
self._validate_conn(conn)
File "/omd/sites/Main/lib/python3/urllib3/connectionpool.py", line 978, in _validate_conn
conn.connect()
File "/omd/sites/Main/lib/python3/urllib3/connection.py", line 362, in connect
self.sock = ssl_wrap_socket(
File "/omd/sites/Main/lib/python3/urllib3/util/ssl_.py", line 384, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "/omd/sites/Main/lib/python3/urllib3/contrib/pyopenssl.py", line 494, in wrap_socket
raise ssl.SSLError("bad handshake: %r" % e)
ssl.SSLError: ("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])",)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/omd/sites/Main/lib/python3/requests/adapters.py", line 439, in send
resp = conn.urlopen(
File "/omd/sites/Main/lib/python3/urllib3/connectionpool.py", line 726, in urlopen
retries = retries.increment(
File "/omd/sites/Main/lib/python3/urllib3/util/retry.py", line 439, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='monitoring.gemdat.cloud', port=443): Max retries exceeded with url: /Kunden/check_mk/login.py (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])")))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/omd/sites/Main/lib/python3/cmk/gui/wato/pages/sites.py", line 602, in _action_login
secret = watolib.do_site_login(login_id, name, passwd)
File "/omd/sites/Main/lib/python3/cmk/gui/watolib/automations.py", line 364, in do_site_login
response = get_url(url, site.get('insecure', False), auth=(name, password),
File "/omd/sites/Main/lib/python3/cmk/gui/watolib/automations.py", line 337, in get_url
return get_url_raw(url, insecure, auth, data, files, timeout).text
File "/omd/sites/Main/lib/python3/cmk/gui/watolib/automations.py", line 309, in get_url_raw
response = requests.post(
File "/omd/sites/Main/lib/python3/requests/api.py", line 116, in post
return request('post', url, data=data, json=json, **kwargs)
File "/omd/sites/Main/lib/python3/requests/api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "/omd/sites/Main/lib/python3/requests/sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "/omd/sites/Main/lib/python3/requests/sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "/omd/sites/Main/lib/python3/requests/adapters.py", line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='monitoring.gemdat.cloud', port=443): Max retries exceeded with url: /Kunden/check_mk/login.py (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])")))
I installed a wildcard certificate and i can connect via https to my remotesite with a browser, the certificate is valid und the connection is encrypted. I dont know why I am getting this error from checkmk. When I check the “ignore tls errors” then I can login to that remote-site. Is there anything else? Port 443 and 6557 are open - tested with netcat / telnet.