I’ve the similar problem where Secondary master icinga2 log shows
critical/SSL: Could not open CA key file '/var/lib/icinga2/ca/ca.key': 33558530, "error:02001002:system library:fopen:No such file or directory"
critical/SSL: Error on bio X509 AUX reading pem file '/var/lib/icinga2/ca/ca.crt': 33558530, "error:02001002:system library:fopen:No such file or directory"
I don’t see any impact. Does anyone know what’s the purpose of having this file on the secondary master and any problem it would cause if it is not there?
The contents of /var/lib/icinga2/ca are used for singing certificate requests of other node. Having it only one one master works fine, however you won’t have redundancy for signing new certificates, but this should be tolerable under most circumstances.
This shouldn’t give any errors though, so if you’re using a current version, it might be worth opening an issue over at GitHub.
Thanks for the information. It’s on 2.5.4 so I’m trying to figure out the significance of ‘ca.crt’ on the secondary node since it is showing in the log.