Hi Icinga Community,
I hope you are all fit and healthy and not being driven crazy by the self-isolating.
Here is a question hope someone can answer.
In the icinga docs here: signing-certificates-on-the-master.
The first paragraph reads:
- This CA is generated during the master setup and should be the same on all master instances.
This implies that I should copy
/var/lib/icinga2/ca/ca.crt from the PRIMARY MASTER to the SECONDARY MASTER.
Is this correct? I read this comment (https://community.icinga.com/t/icinga2-director-configuration-in-ha-master-setup/2471 on this forum that the ca.crt should only reside on one master (see comments from @dnsmichi)
So my question is… Should I copy the ca.crt to the secondary master?