I already connected several clients/agents per agent script out of icinga director. Now I face the problem to integrate a NanoPI Neo. Ubuntu 16.07.04 Xenial that cannot (easily) be upgraded. Icinga is of version 2.4.1-1.
The agent setup script fails and I think I tracked it down to a TLS version mismatch.
The master says:
[2022-01-25 16:40:48 +0100] critical/ApiListener: Client TLS handshake failed (from [10.10.7.231]:50852): unsupported protocol
TLS in general appears to be working:
openssl s_client -connect principal:5665
I also found he parameter tls_protocolmin. But as i understand I can only set it to “1.2” which also is the default?
For my setup TLS/SSL is not really necessary as it is a home setup.
Any ideas how I can get the agent or running or is it more smart to do by_ssh checks?