Hello all,
I am trying to install icinga in a centos 7 machine and I am getting this weird error:
Error: Systemd start for icinga2 failed!
journalctl log for icinga2:
-- Logs begin at Fri 2019-07-05 11:55:00 CEST, end at Tue 2021-10-12 13:27:56 CEST. --
Oct 12 13:26:19 lxlicen13b.cern.ch systemd[1]: Unit icinga2.service cannot be reloaded because it is inactive.
Oct 12 13:26:27 lxlicen13b.cern.ch systemd[1]: Starting Icinga host/service/network monitoring system...
Oct 12 13:26:27 lxlicen13b.cern.ch icinga2[7093]: [2021-10-12 13:26:27 +0200] information/cli: Icinga application loader (version: 2.13.1-1)
Oct 12 13:26:27 lxlicen13b.cern.ch icinga2[7093]: [2021-10-12 13:26:27 +0200] information/cli: Loading configuration file(s).
Oct 12 13:26:27 lxlicen13b.cern.ch icinga2[7093]: [2021-10-12 13:26:27 +0200] information/ConfigItem: Committing config item(s).
Oct 12 13:26:27 lxlicen13b.cern.ch icinga2[7093]: [2021-10-12 13:26:27 +0200] critical/SSL: Error on bio X509 AUX reading pem file '/var/lib/icinga2/certs//lxlicen13b.cern.ch.crt': 33558541, "error:0200100D:system library:fopen:Permission denied"
Oct 12 13:26:27 lxlicen13b.cern.ch icinga2[7093]: [2021-10-12 13:26:27 +0200] critical/config: Error: Cannot get certificate from cert path: '/var/lib/icinga2/certs//lxlicen13b.cern.ch.crt'.
Oct 12 13:26:27 lxlicen13b.cern.ch icinga2[7093]: Location: in /etc/icinga2/features-enabled/api.conf: 3:1-3:24
Oct 12 13:26:27 lxlicen13b.cern.ch icinga2[7093]: /etc/icinga2/features-enabled/api.conf(1): # This file is managed by Puppet. DO NOT EDIT.
Oct 12 13:26:27 lxlicen13b.cern.ch icinga2[7093]: /etc/icinga2/features-enabled/api.conf(2):
Oct 12 13:26:27 lxlicen13b.cern.ch icinga2[7093]: /etc/icinga2/features-enabled/api.conf(3): object ApiListener "api" {
Oct 12 13:26:27 lxlicen13b.cern.ch icinga2[7093]: ^^^^^^^^^^^^^^^^^^^^^^^^
Oct 12 13:26:27 lxlicen13b.cern.ch icinga2[7093]: /etc/icinga2/features-enabled/api.conf(4): accept_commands = true
Oct 12 13:26:27 lxlicen13b.cern.ch icinga2[7093]: /etc/icinga2/features-enabled/api.conf(5): accept_config = true
Oct 12 13:26:27 lxlicen13b.cern.ch icinga2[7093]: [2021-10-12 13:26:27 +0200] critical/config: 1 error
Oct 12 13:26:27 lxlicen13b.cern.ch icinga2[7093]: [2021-10-12 13:26:27 +0200] critical/cli: Config validation failed. Re-run with 'icinga2 daemon -C' after fixing the config.
Oct 12 13:26:27 lxlicen13b.cern.ch systemd[1]: icinga2.service: main process exited, code=exited, status=1/FAILURE
Oct 12 13:26:27 lxlicen13b.cern.ch systemd[1]: Failed to start Icinga host/service/network monitoring system.
Oct 12 13:26:27 lxlicen13b.cern.ch systemd[1]: Unit icinga2.service entered failed state.
Oct 12 13:26:27 lxlicen13b.cern.ch systemd[1]: icinga2.service failed.
Oct 12 13:27:56 lxlicen13b.cern.ch systemd[1]: Starting Icinga host/service/network monitoring system...
Oct 12 13:27:56 lxlicen13b.cern.ch icinga2[7774]: [2021-10-12 13:27:56 +0200] information/cli: Icinga application loader (version: 2.13.1-1)
Oct 12 13:27:56 lxlicen13b.cern.ch icinga2[7774]: [2021-10-12 13:27:56 +0200] information/cli: Loading configuration file(s).
Oct 12 13:27:56 lxlicen13b.cern.ch icinga2[7774]: [2021-10-12 13:27:56 +0200] information/ConfigItem: Committing config item(s).
Oct 12 13:27:56 lxlicen13b.cern.ch icinga2[7774]: [2021-10-12 13:27:56 +0200] critical/SSL: Error on bio X509 AUX reading pem file '/var/lib/icinga2/certs//lxlicen13b.cern.ch.crt': 33558541, "error:0200100D:system library:fopen:Permission denied"
Oct 12 13:27:56 lxlicen13b.cern.ch icinga2[7774]: [2021-10-12 13:27:56 +0200] critical/config: Error: Cannot get certificate from cert path: '/var/lib/icinga2/certs//lxlicen13b.cern.ch.crt'.
Oct 12 13:27:56 lxlicen13b.cern.ch icinga2[7774]: Location: in /etc/icinga2/features-enabled/api.conf: 3:1-3:24
Oct 12 13:27:56 lxlicen13b.cern.ch icinga2[7774]: /etc/icinga2/features-enabled/api.conf(1): # This file is managed by Puppet. DO NOT EDIT.
Oct 12 13:27:56 lxlicen13b.cern.ch icinga2[7774]: /etc/icinga2/features-enabled/api.conf(2):
Oct 12 13:27:56 lxlicen13b.cern.ch icinga2[7774]: /etc/icinga2/features-enabled/api.conf(3): object ApiListener "api" {
Oct 12 13:27:56 lxlicen13b.cern.ch icinga2[7774]: ^^^^^^^^^^^^^^^^^^^^^^^^
Oct 12 13:27:56 lxlicen13b.cern.ch icinga2[7774]: /etc/icinga2/features-enabled/api.conf(4): accept_commands = true
Oct 12 13:27:56 lxlicen13b.cern.ch icinga2[7774]: /etc/icinga2/features-enabled/api.conf(5): accept_config = true
Oct 12 13:27:56 lxlicen13b.cern.ch icinga2[7774]: [2021-10-12 13:27:56 +0200] critical/config: 1 error
Oct 12 13:27:56 lxlicen13b.cern.ch icinga2[7774]: [2021-10-12 13:27:56 +0200] critical/cli: Config validation failed. Re-run with 'icinga2 daemon -C' after fixing the config.
Oct 12 13:27:56 lxlicen13b.cern.ch systemd[1]: icinga2.service: main process exited, code=exited, status=1/FAILURE
Oct 12 13:27:56 lxlicen13b.cern.ch systemd[1]: Failed to start Icinga host/service/network monitoring system.
Oct 12 13:27:56 lxlicen13b.cern.ch systemd[1]: Unit icinga2.service entered failed state.
Oct 12 13:27:56 lxlicen13b.cern.ch systemd[1]: icinga2.service failed.
Do you may know what is causing it? First time I’m seeing it. The permissions on the certificates seem ok to me. I have no clue what could be the problem.
Icinga Version: 2.13