I know, the subject has come up at one time or another, but unfortunately the steps suggested there could not help me much.
For my final project I am currently setting up an Icinga server (version r2.8.1-1) on an Ubuntu 18.04.04 LTS.
In our company we only use Windows machines, on which I have rolled out all important Powershell scripts that are executed via a custom command.
Now it unfortunately only fails because of the connection to the agent. I installed the Icinga2 Agent on the client machine and signed the certificate on the master side. In the zones I defined the host as the “master” of the client and really checked if the same FQDN was used everywhere.
One thing still confuses me though. I find only the certificate of the master under /var/lib/icinga2/certs/, but not the certificate of the client( Although the certificate of the client is signed under “icinga2 ca list”.
This is the relevant extract of the log files for this:
[2020-05-11 00:09:51 +0200] critical/GraphiteWriter: Exception during Graphite operation: Verify that your backend is operational!
[2020-05-11 00:09:53 +0200] information/ApiListener: New client connection for identity ‘MUE-ILP-SRV-11.ILP.NET’ from [192.168.10.228]:61164 (certificate validation failed: code 18$
[2020-05-11 00:09:53 +0200]
If you need more information, please do not hesitate to ask