Hi,
while you can use your own CA, I would not recommend it, have a read here:
I don’t understand the following statement:
Why is it a blocker to have multiple certificates on one server? Each certificate is used for its own purpose, e.g. for enabling TLS (SSL) on web-servers, mail gateways or for Icinga 2 cluster communication.
For example you have one certificate for a web server in /etc/nginx/ssl/cert.crt. There isn’t a problem to have another one solely for Icinga 2. Icinga 2 will create the certificate in the /var/lib/icinga2/certs, so your web server certificate is never touched by Icinga 2.
There are commands to create and sign the certificate and CSR manually, have a look here:
https://icinga.com/docs/icinga2/latest/doc/06-distributed-monitoring/#manual-certificate-creation
Best regards
Michael