TLS warning on piggyback discovered systems

2.1.0p2.cfe on Debian 11

Until now, most of my PVE systems were manually configured with CheckMK agent and TLS. Yesterday i setup Dynamic Host Management and it’s running great but for two issues:

  1. Existing hosts are now duplicated. i.e. <<>> (manually configured) sits beside <> (auto-created in CheckMK by DHM/Piggyback.
  2. All auto-created systems are failing TLS - even though they are registered and functioning with TLS in their manual incarnation. i.e. <<>> works with TLS but <> fails.

My best guess is that this is a naming problem? I have manually create them with their local URL and piggyback uses the actual host name? This might also explain why TLS is failing; wrong name.


  1. What is the correct process for mixing DHM/Piggyback with manually created systems?
  2. How is TLS going to self-register on an auto-configured piggyback system?

Please check your message, I think the forum software ate some of the hostnames in < > :slight_smile:

TLS is host name dependend, so the DHM created hosts that have another fqdn (or just shortname?) so a host with another hostname is supposed to fail as “” is not the same as “host”

I suppose, you don’t really want the duplicate hosts anyway, so my suggestion would be: don’t worry about TLS not working on the second/duplicate host, get rid of the duplicate host.

=> The piggyback mechanism has some documentation about renaming the incoming piggyback data so that it matches your existing hosts.

1 Like

Right. Like many, I cannot live with a yellow light, so I have to fix it. :wink:

I realize that using the piggyback DHM is a far better way to go. Just need to recognize that it IDENTIFIES the machines, but I then need to manually TLS register them and all’s well. It means no phantom machines exist without my knowledge - and I like this a lot.

So I’ll delete the original, incorrectly named, instances and give preference to the DHM ones. Staff will just have to ensure that any new machine must be either fully setup - or erased from the cluster. No more phantoms.

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.