I add icinga clients via ansible playbook with
node commands. I use this a long time. But now i receive error with client certificate validation while node setup:
information/ApiListener: New client connection for identity 'client.com' from [220.127.116.11]:35344 (certificate validation failed: code 18: self signed certificate) warning/ApiListener: No data received on new API connection for identity 'client.com'. Ensure that the remote endpoints are properly configured in a cluster setup.
I reproduce this manually but same error.
Generate new cert for
client.com (executed on
icinga2 pki new-cert --cn client.com --key /etc/icinga2/pki/client.com.key --cert /etc/icinga2/pki/client.com.crt
Save new cert (executed on
icinga2 pki save-cert --key /etc/icinga2/pki/client.com.key --cert /etc/icinga2/pki/client.com.crt --trustedcert /etc/icinga2/pki/trusted-master.crt --host server.com
Get ticket on server for client (executed on
icinga2 pki ticket --cn client.com
Add client to server (executed on
master_host parameter has changed to
icinga2 node setup --ticket ticket_from_previous_step --endpoint server.com --zone client.com --parent_host server.com --trustedcert /etc/icinga2/pki/trusted-master.crt
I have error on last step.
Icinga version: r2.10.2-1 (in all servers)
Operating System and version: Debian 9.6 amd64 (in all servers)