Secure GUI over HTTPS warning


#1

Hi again,

my distributed monitoring is almost done. Now I am trying to secure it with HTTPS. Since we have a wildcard certificates, I had to set a CNAME for the master and the slaves to match this wildcard certificate. I configured apache on one slave to redirect to the CNAME with HTTPS and it works as expected. On the master I adjusted the slave configuration, so I set the URL prefix to the CNAME with HTTPS under Livestatus Settings and the Multisite-URL for the replication configuration with the CNAME and HTTPS as well.
Now when I go to Analyze configuration it still shows Warning to consider using HTTPS instead of HTTP under the Security section. It seems it needs more than what I’ve done to get this working!

I am using check-mk-raw 1.5.0p7 on Ubuntu Xenial.

Any ideas?

Thanks


(Philipp Näther) #2

To be honest, I would not give too much on the messages in analyze configuration. If you are using the GUI over HTTPS everything is fine. Maybe the message occurs as long as users are able to access the GUI over HTTP, so you have to disable http completely and allow HTTPS only.


#3

Hi Philipp, HTTP is completely diabled, there is no way to access the master or the slave through HTTP, I added sufficient apache rewrite rules. I’ll just ignore it. Thanks a lot Philipp.

I have a new problem but I’ll open a new topic for it.