All of a sudden it started working partially (waited for 3+ hours though…). Right now the host is at least reachable and I’m getting an ICMP response, but the services are not responding.
Icinga is telling me: Remote Icinga instance ‘dc01.domain.local’ is not connected to ‘sat01.domain.local’ for the other services. This is connected, but since domain.local is already used and can’t use the same name twice for an object over different satellites, as the director will complain duplicates are not allowed.
I’ve referenced to it as domain2.local, by adding an extra DNS zone called domain2.local, copying over the DNS entries so everything will have a domain2.local extension too and by adding it to my search domain on my satellite.
Resolution is successful, but the status is still Unknown.
When I’m running tail -f /var/log/icinga2/icinga2.log, it shows the following entry repeatedly:
[2019-08-07 10:05:34 +0200] warning/ApiListener: Unexpected certificate common name while connecting to endpoint ‘dc01.domain2.local’: got ‘dc01.domain.local’
(0) Handling new API client connection
[2019-08-07 10:08:14 +0200] information/ApiListener: Finished reconnecting to endpoint ‘as03.domain2.local’ via host ‘as03.domain.local’ and port ‘5665’
[2019-08-07 10:08:14 +0200] information/ApiListener: Finished reconnecting to endpoint ‘dc01.domain2.local’ via host ‘dc01.domain.local’ and port ‘5665’
[2019-08-07 10:08:17 +0200] warning/JsonRpcConnection: API client disconnected for identity ‘dc01.domain.local’
[2019-08-07 10:08:19 +0200] warning/JsonRpcConnection: API client disconnected for identity ‘as03.domain.local’
[2019-08-07 10:08:21 +0200] information/ApiListener: New client connection for identity ‘dc01.domain.local’ from [10.0.14.1]:58924 (no Endpoint object found for identity)
Is there a switch in icinga2 which will allow me to ignore the common name mismatch (as it’s correct, but not correct) on the satellite for an Endpoint (Windows Agent)?