CMK version: 2.0.0p** (prod) and 2.1.0 (test)
OS version: Docker
We are starting to set up distributed automatic agent updates. As the central site uses a certificate signed by an internal CA, we need remote sites to trust it. To achieve this, we added the root CA to Global settings → Trusted certificate authorities for SSL.
However, this does not work for us. The CA certificate configuration seems to not be replicated to remote sites:
ca_certificates.mkis missing entirely from
ca_certificates-sitespecific.mkdoes only contain the WATO header
- checking in
var/ssl, the certificates are not present there
The CAs are only replicated to the remote site when explicitely configuring them per site in Distributed monitoring. This is not a configuration we plan to maintain, though
Do any of you run a similar configuration that works?
Are we missing/misunderstanding something?
Thank you and have a nice day