Checkmk Werk 14544: Agent controller: Use host certificate store during registration

ID: 14544 Title: Agent controller: Use host certificate store during registration Component: agents Level: 1 Class: Bug fix Version: 2.2.0i1 In order to register at a Checkmk site, the agent controller (<tt>cmk-agent-ctl</tt>) needs to know, among others, the name of the server where the site is running and a port. The port can either be included in the server name argument (<tt>-s<tt>), or it can be left out. In case it is left out, the agent controller tries to query the port from the REST API of the target site. In case the communication with the REST API is HTTPS-secured, the agent controller is supposed to use the certificate store of the host to verify the server certificate. This was however not the case, which in particular affected setups with server certificates signed by a custom CA (where the corresponding root certificate was correctly added to the certificate store of the host). The resulting error message read: C+: $ cmk-agent-ctl register ... ... Failed to discover agent receiver port from Checkmk REST API, both with http and https. ... Error with https: ... invalid peer certificate contents: invalid peer certificate: UnknownIssuer C-: Note that, as mentioned above, this only happened if no explicit port was given during the agent registration.