This is purely informational, in case it helps somebody.
I recently had to set up Checkmk 2.1 on a Rocky 8.x Linux host. Among the targets
to be monitored, I have machines that are running vSphere/ESXi 5.1. The SSL
version they provide, is too old, and when I initially tried, I ran into the same issue described
In order to “fix” this on Rocky 8.x (probably also works for CentOS/RHEL/Alma 8.x), I had
to run the command
upate-crypto-policies --set LEGACY
and reboot. After that, the check works normally.