we use Icinga with one master, several satellites and many endpoints.
Because ubuntu we use for master is running out of support soon, we have to renew master with a new ubuntu.
I tried this with a test machine. Config was copied without bigger problems, but now I have a big issue with certificates.
When I enable the new master all trust between master and satellite is gone, because of the new certificate, the master has.
Now I can re-run node wizard on all satellites to get a new certificate on them. This also works fine, because config is re-submitted over zone-config.
But after all that, windows agents don’t trust the satellites any longer.
Is there a way to renew certificates on windows agent site, as like re-run node wizard on the satellites, without completely uninstall and reinstall the agent?
P.S.: At the moment i’m only using Icinga Agent. So the new Icinga for Windows is NOT installed on the target systems.