Azure Agent Info - SSLerror - bad handshake

Owned by Sebastian Kirchmeyer
Last updated: May 10, 2024 by Matthew Hierholzer
1 min read

This article helps troubleshoot "CRIT - Management client - Caused by SSLError - bad handshake" error while trying to monitor Azure environments. 

LAST TESTED ON CHECKMK 2.0.0P1

Table of Contents

Problem

When trying to monitor my Microsoft Azure environment, you see the following error message in the Checkmk service Azure Agent Info:

Screenshot of the Azure Agent Info service. The state is currently at Critical with an SSLError of bad handshake.

Solution

You need to make sure that your Checkmk server can connect to the following two addresses of MS Azure: management.azure.com and login.microsoft.com

When a connection from your Checkmk server is impossible or times out, monitoring Azure will not be possible. You can quickly check this as the site user of your Checkmk site with either Telnet or Netcat:

OMD[mysite]:~$ nc -zv login.microsoftonline.com 443
OMD[mysite]:~$ nc -zv management.azure.com 443


The output of these commands should look like this:

OMD[mysite]:~$ nc -zv login.microsoft.com 443
Connection to login.microsoft.com 443 port [tcp/https] succeeded!

OMD[mysite]:~$ nc -zv management.azure.com 443
Connection to management.azure.com 443 port [tcp/https] succeeded!


If the output looks any different, you have to check the connection of your Checkmk server to Azure or contact your network people. More than once, there was a firewall blocking this connection.