I want to to monitor the life cycle of my SSL-Certificates as most of you and for that reason I downloaded the SSL-Certificates plug-in from CheckMK Exchange. (SSL-Certificates - Checkmk Exchange)
I then uploaded the file on my enterprise edition via the GUI and activated it as well.
I also created a ‘‘Parameters for SSL certificates’’ rule and defined the desirable values.
Lastly I copied the sslcertificates.ps1 script under C:\ProgramData\checkmk\agent\plugins on a host.
After initiating a service discovery I was able to find and monitor the desired certificates.
But I have a few hundred hosts and copying/pasting the script in each one of them will take long and is not scalable. I’m sure there is a way to automate the process and here is where I need your help.
Would the agent bakery help me achieve that result? Since I have the enterprise edition and I have already uploaded and activated the SSL-Certificates plug-in from CheckMK Exchange, would baking the agents achieve the result I want and described above?
If yes, can I choose to bake some agents and leave some others with different scope unbaked?
The rule you mentioned is now in place. Now, when I got under Setup > Agents, I cal also see the following:
Running a service discovery still doesn’t find any certificates to monitor though.
I suppose I need to wait out the ‘‘interval for update check’’ for the agents to pull (enterprise edition) the plug-in from the central bakery, correct?
Do you know if there is a way to force the check or do I need to wait out the interval for update check?
In any case, I will write again with more updates and let you know if it worked. If so I’ll mark it as ‘‘resolved’’.
The bakery basically creates tailored agent packages. You can either deploy them manually or configure the agent updater to automatically update agent packages when changed packages (version updates, changes to plug-ins…) are available.
Please also read the Official User Guide on this topic:
