I am trying to install icinga2-2.10.2-1 on a RHEL 8 server, with the icinga master already installed and operational on a RHEL 7 server. When I get to the point where I’m running the icinga2 node wizard command to pair the client with the master server, it fails with an sslv3 handshake error.
According to RHEL 8 documentation, sslv3 is disabled by default on RHEL8 and I am not permitted to enable it in my environment. Is there any way I can change the node wizard to use a different cipher that is enabled on RHEL 8?
Unfortunately I’m in a situation where working around stupid technical problems is easier than working through the bureaucracy to get a newer version approved.
I’m using CentOS 8 satellites (with CentOS 7 master) and have not come across this issue, so I’m wondering if there is something else specific about your environment that even tries SSLv3.
Can you run this on both servers? openssl ciphers -v | awk '{print $2}' | sort | uniq
Have you run the other troubleshooting steps I linked to?
I ran the s_connect command and confirmed it uses TLSv1.2 to connect CentOS 8 to CentOS 7. Granted, I am using the current/near current version. However, TLS support was added long before even the old version you are using - at least from what I have seen.