I am now facing the next problem.
I have turned the HA version into a single version for the first time.
All Icinga modules and Icinga2 are up to date.
I am running Ubuntu 20.04 LTS.
When I create an Ifw host, everything is ok.
The certificate is created on the host, which I can see.
At least I think I have read all the entries.
Also the article: https://icinga.com/docs/icinga-2/latest/doc/11-cli-commands/
I have already worked through it.
I have deleted all certificates and created new ones. I ran NodeWizard and Api Setup again.
I have already checked the zones and could not see any errors.
I think I’ve already had this running before, until a crash…
I then get the following error message on the server:
New client connection for identity 'passive_test' from [::ffff:95.112.77.176]:49780 (certificate validation failed: code 18: self signed certificate)
[2024-06-15 20:38:10 +0200] information/JsonRpcConnection: Received certificate request for CN 'passive_test' which couldn't be verified: self signed certificate (code 18)
[2024-06-15 20:38:10 +0200] information/JsonRpcConnection: Sending certificate response for CN 'passive_test' to endpoint 'passive_test' (auto-signing ticket).
[2024-06-15 20:38:10 +0200] warning/JsonRpcConnection: API client disconnected for identity 'passive_test'
I have connected the server via Letsencryp ssh
Does anyone have any ideas?
Thank you very much.
I had tried both, ticket and self-registering
I have found my error here and the hosts are now communicating.
I had forgotten to adjust the zones.conf on the agent so that it could reach the correct server from the Internet.
Is there a possibility that the zones.conf is directly passed correctly?
Please find attached my zones.conf from the server and the agent
Server
object Endpoint "myserver.1234.local" {
host = "myserver.1234.local"
port = "5665"
}
object Zone "myserver.1234.local" {
endpoints = [ "myserver.1234.local" ]
}
object Zone "global-templates" {
global = true
}
object Zone "director-global" {
global = true
}
Agent
object Endpoint "1234WIN01" {
}
object Endpoint "myserver.1234.local" {
host = "domainname.de"
port = "5665"
//I had to adjust host and port manually
}
object Zone "myserver.1234.locall" {
endpoints = [ "myserver.1234.local" ];
}
object Zone "1234WIN01" {
parent = "myserver.1234.locall";
endpoints = [ "1234WIN01" ];
}
object Zone "director-global" {
global = true;
}
object Zone "global-templates" {
global = true;
}
Running the icinga2 node wizard command or Windows agent setup again with the correct endpoints/parameters would also re-create the zones.conf on the agent.