Checkmk Werk 13691: Renew old site certificates during update

ID: 13691 Title: Renew old site certificates during update Component: Setup Level: 1 Class: New feature Version: 2.1.0i1 Older certificates that do not include the server name extension need to be updated in order to support the new agents TLS encryption. The old certificate is moved to <tt>[my_site].pem.bak</tt>, and a new one is created. The existing site local root CA, which signed the previous certificate, is used to sign the new certficate. Since the trust between distributed sites is established with the local root CA, no additional action is needed.