The certificate for “api.pushover.net” is a wildcard cert for “*.pushover.net”.
I think that the certificate is allright. In my opinion there is a Problem netween the root-ca and checkmk.
Curl the API from shell returns no cert error so the cert-store of the linux system seems to be right.
Just checkmk breaks with an exception (ssl) while triggering the pushover api to send messages from the script above.
BR
Nico