Securing the Checkmk web interface with HTTPS #CMKTutorial

preview_player
Показать описание
In this tutorial, Bastian demonstrates how to secure the Checkmk web interface with HTTPS. This ensures that the data transfer with the web UI is secured by encryption and the site is protected from various cyberattacks that may happen due to unsecured connection.

Blog article for best practices for security:

-----------------------------------------------

Follow us on Social Media
-----------------------------------------------

----------------------------------------------
00:00 Introduction
00:31 Generating a private key and a certificate file
03:13 Installing the certificate file
06:53 Troubleshooting
07:29 Conclusion
  1. Checkmk
  2. Checkmk web UI
  3. monitoring
  4. server monitoring
Рекомендации по теме
Checkmk absichern, Webseite 0:11:29

Checkmk absichern, Webseite und Agent

New UX and 0:09:01

New UX and security improvements in Checkmk 2.1 #CMKTutorial

Monitoring SSH Daemon 0:04:14

Monitoring SSH Daemon configuration with Checkmk #CMKTutorial

Installation, Setup and 0:22:13

Installation, Setup and Usage of the Checkmk Appliance and Checkmk 2.1

Automated host creation 0:15:56

Automated host creation in Checkmk #CMKTutorial

Using SNMP to 0:07:09

Using SNMP to monitor network devices #CMKTutorial

Detecting configuration errors 0:04:24

Detecting configuration errors with the Analyze Configuration feature #CMKTutorial

Managing and updating 0:10:01

Managing and updating sites on the Checkmk appliance | #CMKduo Episode 8

Configuring SAML authentication 0:21:27

Configuring SAML authentication in Checkmk #CMKTutorial

Working with rules 0:18:34

Working with rules and setting thresholds in Checkmk #CMKTutorial

Tips and tricks 0:06:29

Tips and tricks for the Checkmk appliance | #CMKduo Episode 11

Distributed monitoring with 0:17:27

Distributed monitoring with Checkmk #CMKTutorial

Best Server & 0:13:53

Best Server & Application Monitor for free with Checkmk

Introduction to Checkmk 0:09:21

Introduction to Checkmk appliance | #CMKduo Episode 6

Checkmk Appliance High 0:18:14

Checkmk Appliance High Availability Cluster

CheckMK - An 0:39:44

CheckMK - An Open Source, Self Hosted, Network and System monitoring tool that is easy to setup.

Installing Check MK 0:10:15

Installing Check MK monitoring on the server

Monitoring Windows in 0:05:33

Monitoring Windows in Checkmk #CMKTutorial

How to setup 0:04:44

How to setup CheckMk on LINUX UBUNTU (2024) - EASY TUTORIAL!!

Checkmk Conference #9: 0:14:30

Checkmk Conference #9: Automated System Updates as a Self-Service

Detecting issues and 0:15:31

Detecting issues and configuring alerts for Kubernetes clusters #CMKTutorial

Using the Quicksearch 0:06:02

Using the Quicksearch function in Checkmk #CMKTutorial

Checkmk conference #8: 0:23:59

Checkmk conference #8: Product security updates

3 Rules for 0:10:59

3 Rules for efficient network monitoring #CMKTutorial

Комментарии
Автор

Thanks for making this. There are some big discrepancies, however. You list generating private.pem and request.csr, then mention the full chain (chain.crt) and certificate.pem. Where did those come from?

emike
Автор

Danke für die Anleitung, aber ein Skript, dass das automatisch erledigt, wäre mir lieber... 🙂

stefanreinhardt
Автор

Quite a bit different from the documentation thank you. The configtest shows syntax okay after removing the passphrase from the keyfile however after the a2ensite default-ssl the HTTPS connection just times out (double checked allowed through UFW). When disabling the site it just refuses HTTPS.

Update- turned out to be the certificate.. I went with Certbot using DNS validation because I cannot open port 80 to the internet. For anyone having issues with certificates, follow the guide but the part with Certbot use the digitalocean guide

Wahinies
Автор

I am running this in a test environment. If I don't have a domain can I use the IP for the domain fqdn field?

bryancp
Автор

You added the chain.pem file into /etc/ssl/certs/ folder yet when you changed the default-ssl.conf file, you made the SSLCertficateChainFile point to /etc/apache2/chain.pem thats not going to work????

microcisco
welcome to shbcf.ru