Did you uncheck SSL verify peer and SSL verify host?

SSL verify peer is checked

as from the explanation:

Mark the checkbox to verify the SSL certificate of the web server.
The server certificate will be automatically taken from system-wide certificate authority (CA) location. You can override the location of CA files using Zabbix server or proxy configuration paramete


I have changed the location of the SSLCALocation to /etc/zabbix/SSLCA en put my CAcertificate in .cer from there.

However, the error still remains (cannot verify to a valid CA). So my guess would be that opensuse can't read the certificate because it is in a invalid format.

And now that i'm reading the yellow bit of the manual my guess was right:

[1] Zabbix supports certificate and private key files in PEM format only. In case you have your certificate and private key data in PKCS #12 format file (usually with extention *.p12 or *.pfx) you may generate the PEM file from it using the following commands:

openssl pkcs12 -in ssl-cert.p12 -clcerts -nokeys -out ssl-cert.pem
openssl pkcs12 -in ssl-cert.p12 -nocerts -nodes -out ssl-cert.key

To google it is to convert my .cer file to a .pem file.

> SSL verify peer is checked
You have problem with this, quick win - uncheck and CA cert won't be validated

If you need it, then investigate problem. Enable debug mode, restart zabbix server and check logs. It can be anything: file permission, cert format, ...