we changed over from Standalone NSClient to NSClient via Icinga2 Agent connection.
The current situation is:
Master in Hamburg “OnShore”. Satellites on the Ships “OffShore” and Clients with Icinga2Agent.
We have a working config to check some OnShore Agent direct from master. We do the same Setup with certificates on the satellites to check the agents from the satellites, but satellite did not accept the client certificate because it is self signed and we can the the request in master and satellite. I sign the requests on both systems but same issue.
How we have to setup the certificates?