TLS encryption process information

General
1

I’m relatively new to CheckMK and currently exploring its architecture and communication flow. I understand that communication between the agent and the server typically happens over port 6556 . I’d like to clarify a few points regarding this:

  1. Is the data transmitted over port 6556 encrypted by default in the latest version of CheckMK?
    If not, could you please guide me on what additional configuration is required to enable encryption?
  2. What is the role of TCP port 8000 in CheckMK?
    I’ve come across references to this port but would appreciate a clearer understanding of its purpose and how it fits into the overall communication flow.
2

Hi Mahesh,

  1. no, the default agent communication is unencrypted, but checkmk will warn you if it communicates in clear text.
  2. Port 8000 is used for the TLS registration

See Monitoring Windows - The new agent for Windows in detail (same for the linux agent) for the full docs :slight_smile:

1 Like