No connection to Icinga possible. Port 5665 is down


(Hans Kestler) #1

Hello

I can not connect to the Icinag server, port 5665 is down.
The following error message comes on the server:

Port Check:
Starting Nmap 6.40 ( http://nmap.org ) at 2018-12-10 14:09 CET
Nmap scan report for 172.16.50.157
Host is up (0.00032s latency).
PORT STATE SERVICE
5665/tcp closed unknown
Nmap done: 1 IP address (1 host up) scanned in 0.04 seconds

Server Check …
[root@icinga-server conf.d]# icinga2 daemon -C
[2018-12-10 14:31:34 +0100] information/cli: Icinga application loader (version: r2.10.2-1)
[2018-12-10 14:31:34 +0100] information/cli: Loading configuration file(s).
[2018-12-10 14:31:34 +0100] information/ConfigItem: Committing config item(s).
[2018-12-10 14:31:34 +0100] information/ApiListener: My API identity: icinga-server
[2018-12-10 14:31:34 +0100] critical/SSL: Error loading and verifying locations in ca key file ‘/var/lib/icinga2/certs//ca.crt’: 33558530, “error:02001002:system library:f open:No such file or directory”
[2018-12-10 14:31:34 +0100] critical/config: Error: Cannot make SSL context for cert path: ‘/var/lib/icinga2/certs//icinga-server.crt’ key path: ‘/var/lib/icinga2/certs//i cinga-server.key’ ca path: ‘/var/lib/icinga2/certs//ca.crt’.
Location: in /etc/icinga2/features-enabled/api.conf: 4:1-4:24
/etc/icinga2/features-enabled/api.conf(2): * The API listener is used for distributed monitoring setups.
/etc/icinga2/features-enabled/api.conf(3): */
/etc/icinga2/features-enabled/api.conf(4): object ApiListener “api” {
^^^^^^^^^^^^^^^^^^^^^^^^
/etc/icinga2/features-enabled/api.conf(5): accept_config = false
/etc/icinga2/features-enabled/api.conf(6): accept_commands = false

[2018-12-10 14:31:34 +0100] critical/config: 1 error

Does somebody has any idea
regards hans


(Matthias) #2

Your answer is right there in your output:
Error loading and verifying locations in ca key file ‘/var/lib/icinga2/certs//ca.crt’: 33558530, “error:02001002:system library:f open:No such file or directory”

Look here: https://icinga.com/docs/icinga2/latest/doc/06-distributed-monitoring/#create-ca-on-the-master


(Carsten Köbke) #3

Hello Hans,

Looks like you didnt run icinga2 node wizard or icinga2 api setup.
As far as i know the api needs a certificate to run.

Please run one of the wizard or follow the docs to do this steps by your self

Regards,
Carsten