Better management of CA certs

Comments: 3

Oldest • Newest • Most likes • Fewest likes

• Add a comment
• 12 May, '25
  Dirk Merged

  In the global settings we can (and must) add trusted certificate authorities whenever we add a new remote site to the distributed monotoring.
  
  In our environment we have 25 such sites and thus 25 such CAs in that list.
  
  Actually, the list of CAs is two lists in the GUI: in the first list we have all the CAs in their PEM format and in the second list we have all the issuers and subjects. To figure out which CA belongs to which subject, you have to count them:
  
  “Oh, I want to delete the CA with the subject "foo". That's the 8th one in the second list. Now I have to count up to 8th entry in the first list and click the delete button next to it.” It also doesn't help that the boxes sometimes change their sizes as I scroll by and that all these CAs look almost the same.
  
  The attached picture shows the list of CAs and the list of subjects as they currently are.
  
  It would be really, really helpful if the list with the CAs would have the names/subjects/issuers directly next to them.

  Copy link to this comment
• 03 Nov, '25
  Martin Hirschvogel Admin

  Agree, that's why we moved the mobile app now back to under consideration.
  We have not solved this issue yet, but have started at least to consolidate the internal certificates. We imagine something similar also for the Trusted CA settings you mentioned:
  https://checkmk.com/werk/17027

  Copy link to this comment
• 03 Nov, '25
  Martin Hirschvogel System

  "Add Subject/CN to the list of CAs in the global settings" (suggested by <Hidden> on 2025-05-12), including upvotes (4) and comments (0), was merged into this suggestion.

  jxtlyzcxs3yqc3m1nmh8.png

  1 Copy link to this comment