It was a configuration problem on the second instance. It’s now fully functional.
Here are the steps to reproduce if someone else wants to do the same thing:
- Build mandatory directories
```
# Copy the existing configuration tree for the second instance
cp -rp /etc/icinga2 /etc/icinga2-corp
# Remove the icingadb feature from the copy only
rm /etc/icinga2-corp/features-enabled/icingadb.conf
rm /etc/icinga2-corp/features-available/icingadb.conf
cp -p /etc/default/icinga2 /etc/default/icinga2-corp
# Create the runtime directories and hand them to the Icinga user
mkdir -p /var/log/icinga2-corp /var/lib/icinga2-corp/certs /var/run/icinga2-corp /var/cache/icinga2-corp /var/spool/icinga2-corp
chown -R nagios:nagios /var/lib/icinga2-corp /var/log/icinga2-corp /etc/icinga2-corp /var/cache/icinga2-corp /var/spool/icinga2-corp
chown nagios:www-data /var/run/icinga2-corp
```
- Generate new certificates
```
sudo -u nagios icinga2 pki new-cert --cn [[host_fqdn]] \
  --key /var/lib/icinga2-corp/certs/[[host_fqdn]].key \
  --cert /var/lib/icinga2-corp/certs/[[host_fqdn]].crt
sudo -u nagios icinga2 pki save-cert \
  --trustedcert /var/lib/icinga2-corp/certs/master.crt \
  --host [[master_fqdn]] \
  --port 5665 \
  --key local.key \
  --cert local.crt
```
- Second daemon configuration
```
sudo -u nagios icinga2 node wizard -D LogDir=/var/log/icinga2-corp -D DataDir=/var/lib/icinga2-corp -D CacheDir=/var/cache/icinga2-corp -D SpoolDirDir=/var/run/icinga2-corp -D ZonesDir=/etc/icinga2-corp/zones.d -D ConfigDir=/etc/icinga2-corp
Welcome to the Icinga 2 Setup Wizard!
We will guide you through all required configuration details.
Please specify if this is an agent/satellite setup ('n' installs a master setup) [Y/n]:
Starting the Agent/Satellite setup routine...
Please specify the common name (CN) [[[host_fqdn]]]:
Please specify the parent endpoint(s) (master or satellite) where this node should connect to:
Master/Satellite Common Name (CN from your master/satellite node): [[master1_fqdn]]
Do you want to establish a connection to the parent node from this node? [Y/n]:
Please specify the master/satellite connection information:
Master/Satellite endpoint host (IP address or FQDN): [[master1_fqdn]]
Master/Satellite endpoint port [5665]:
Add more master/satellite endpoints? [y/N]: y
Master/Satellite Common Name (CN from your master/satellite node): [[master2_fqdn]]
Do you want to establish a connection to the parent node from this node? [Y/n]: y
Please specify the master/satellite connection information:
Master/Satellite endpoint host (IP address or FQDN): [[master2_fqdn]]
Master/Satellite endpoint port [5665]:
Add more master/satellite endpoints? [y/N]: n
Parent certificate information:
Version: 3
Subject: CN = [[master2_fqdn]]
Issuer: CN = Icinga CA
Valid From: Nov 15 14:17:16 2023 GMT
Valid Until: Dec 16 14:17:16 2024 GMT
Serial:
Signature Algorithm: sha256WithRSAEncryption
Subject Alt Names: [[master2_fqdn]]
Fingerprint:
Is this information correct? [y/N]: y
Please specify the request ticket generated on your Icinga 2 master (optional).
(Hint: # icinga2 pki ticket --cn '[[host_fqdn]]'):
No ticket was specified. Please approve the certificate signing request manually
on the master (see 'icinga2 ca list' and 'icinga2 ca sign --help' for details).
Please specify the API bind host/port (optional):
Bind Host []:
Bind Port []: 5664
Accept config from parent node? [y/N]: y
Accept commands from parent node? [y/N]: y
Reconfiguring Icinga...
Disabling feature notification. Make sure to restart Icinga 2 for these changes to take effect.
Local zone name [[[host_fqdn]]]:
Parent zone name [master]:
Default global zones: global-templates director-global
Do you want to specify additional global zones? [y/N]:
Do you want to disable the inclusion of the conf.d directory [Y/n]:
Disabling the inclusion of the conf.d directory...
Done.
Now restart your Icinga 2 daemon to finish the installation!
```
- Sign CSR on master
```
root@master2(~) : icinga2 ca list
Fingerprint | Timestamp | Signed | Subject
-----------------------------------------------------------------|--------------------------|--------|--------
[[fingerprint]] | Jun 6 13:21:23 2024 GMT | | CN = [[host_fqdn]]
root@master2(~) : icinga2 ca sign [[fingerprint]]
information/cli: Signed certificate for 'CN = [[host_fqdn]]'.
```
- Create systemd service
Create the file /lib/systemd/system/icinga2-corp.service and paste:
```ini
[Unit]
Description=Icinga host/service/network monitoring system
Requires=network-online.target
After=syslog.target network-online.target icingadb-redis.service postgresql.service mariadb.service carbon-cache.service carbon-relay.service

[Service]
Type=notify
NotifyAccess=all
Environment="ICINGA2_ERROR_LOG=/var/log/icinga2-corp/error.log"
EnvironmentFile=/etc/default/icinga2-corp
ExecStartPre=/usr/lib/icinga2/prepare-dirs /etc/default/icinga2-corp
ExecStart=/usr/sbin/icinga2 daemon -c /etc/icinga2-corp/icinga2.conf --close-stdio -e ${ICINGA2_ERROR_LOG} -D LogDir=/var/log/icinga2-corp -D DataDir=/var/lib/icinga2-corp -D CacheDir=/var/cache/icinga2-corp -D SpoolDir=/var/spool/icinga2-corp -D InitRunDir=/var/run/icinga2-corp -D ZonesDir=/etc/icinga2-corp/zones.d
PIDFile=/run/icinga2-corp/icinga2.pid
ExecReload=/usr/lib/icinga2/safe-reload /etc/default/icinga2-corp
TimeoutStartSec=30m
KillMode=mixed
# Systemd >228 enforces a lower process number for services.
# Depending on the distribution and Systemd version, this must
# be explicitly raised. Packages will set the needed values
# into /etc/systemd/system/icinga2.service.d/limits.conf
#
# Please check the troubleshooting documentation for further details.
# The values below can be used as examples for customized service files.
#TasksMax=infinity
#LimitNPROC=62883

[Install]
WantedBy=multi-user.target
```
- Start service
```
systemctl start icinga2-corp.service
```
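
A post-setup check for the layout built in the steps above, as an added example that is not part of the original post: it reports missing directories, wrong ownership, world-writable directories, private keys readable by group or others, and a leftover icingadb feature in the second instance. The function name `audit_instance` and its `root` prefix argument are assumptions made for illustration, and the script relies on GNU `stat`.

```bash
#!/usr/bin/env bash
# Added example: audit the file layout of a second Icinga 2 instance.
# root is a path prefix (hypothetical parameter) so the check can run on a
# staging copy; on the real host call: audit_instance "" icinga2-corp nagios

audit_instance() {
    local root="$1" name="$2" owner="$3" findings=0 d f mode
    for d in "/etc/$name" "/var/lib/$name" "/var/lib/$name/certs" \
             "/var/log/$name" "/var/cache/$name" "/var/spool/$name"; do
        if [ ! -d "$root$d" ]; then
            echo "MISSING  $d"
            findings=$((findings + 1))
            continue
        fi
        if [ "$(stat -c '%U' "$root$d")" != "$owner" ]; then
            echo "OWNER    $d is not owned by $owner"
            findings=$((findings + 1))
        fi
        mode=$(stat -c '%a' "$root$d")
        if [ $((0$mode & 0002)) -ne 0 ]; then
            echo "MODE     $d is world-writable ($mode)"
            findings=$((findings + 1))
        fi
    done
    # Private keys must not be accessible to group or others.
    for f in "$root/var/lib/$name/certs"/*.key; do
        [ -e "$f" ] || continue
        mode=$(stat -c '%a' "$f")
        if [ $((0$mode & 0077)) -ne 0 ]; then
            echo "KEYMODE  ${f#"$root"} has mode $mode, expected 600"
            findings=$((findings + 1))
        fi
    done
    # The post removes icingadb.conf from the copied tree; flag a leftover.
    f="$root/etc/$name/features-enabled/icingadb.conf"
    if [ -e "$f" ] || [ -L "$f" ]; then
        echo "FEATURE  icingadb is still enabled in /etc/$name"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}
```

The function prints one line per finding and returns non-zero when there is at least one, so it can gate the `systemctl start` step.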