Establish connection between Satellite and Icinga2-Client-Node

This forum was archived to /woltlab and is now in read-only mode.
  • Hi, i have a Problem with a connection between an icinga - satellite and its nodes.


    The Scenario:


    I have a Master which is successfully connected with a satellite (configured by node wizard). Now i want to establish a connection between a server machine (Its an Exchange-Server) which acts as a node via nsclient++ and the sattellite. I don't understand how i establish this connection. So i asked myself, is there a way to create a certificate on the client/satellite machine to establish a connection to the server-node.


    The server-node with nsclient++ is not allowed to establish a connection directly to the master (see attached picture).


    Creating a Ticket with "icinga2 pki ticket --cn 'icinga2-client1.localdomain'" is successfully created and accepted by the server-node.


    Thanks very much!


    paramay_fr:)

  • With the comeing Version 2.8, Satellites are able to forward Cert requests to the master. But currently you will need to create the certs manuelly on you master instance. There is a chapter about it in the docs.

  • Hi, thank you very much for that hint.


    I read this doc, but it looks like that we create a new cert for the master. that is not what i want. i want to create a cert manually for a node. maybe there is another doc for that and i'm just blind ;)?


    thankx!


    paramax_fr

  • This is the right chapter. You have already a CA cert ( i assueme). So you can sskip the First step and start with crreating the CSR.


    dnsmichi maybe this could be seperated in the documentation? I came across the same thought at my beginnings.

  • The docs are wrong, it should be icinga2-master2 or any other node. Copy paste error and no-one ever found it. Thanks, will be fixed.