I’m struggling with getting the API to work - I get the following error:
root@enlil:~/icinga/tools# curl -vv -X PUT -H 'Accept:application/json' -u root:5adf85042d7d937f --cacert /var/lib/icinga2/certs/ca.crt https://vogon.comind.io:80/v1/objects/hosts/enlil
* Trying 192.168.50.9:80...
* Connected to vogon.comind.io (192.168.50.9) port 80 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /var/lib/icinga2/certs/ca.crt
* CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* (5454) (IN), , Unknown (72):
* error:0A00010B:SSL routines::wrong version number
* Closing connection 0
curl: (35) error:0A00010B:SSL routines::wrong version number
I have googled for it, but nothing seems to match my case - and I’m not sure I actually understand what this is all about. I had it working - at least better than this - but a colleague had ‘helpfully’ installed Director, which seemed to mess up what I am trying to do, which is to be able to use the API without Director, basically. Thus, I wiped out the installation on the server (apt purge ...), deleted anything that looked like icinga2, and reinstalled from scratch; and now I have this problem.
Packet tracing with tcpdump reveals little beside the fact that a PUT request is sent to the server; nothing is recorded in the logs, it seems, including icinga2.log, icingaweb2.log and apache2/access.log.
So, any recommendations about how I can troubleshoot this?
This is my installation:
root@vogon:/etc/apache2/sites-available# icinga2 -V
icinga2 - The Icinga 2 network monitoring daemon (version: r2.13.7-1)
Copyright (c) 2012-2023 Icinga GmbH (https://icinga.com/)
License GPLv2+: GNU GPL version 2 or later <https://gnu.org/licenses/gpl2.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
System information:
Platform: Debian GNU/Linux
Platform version: 11 (bullseye)
Kernel: Linux
Kernel version: 5.10.0-13-amd64
Architecture: x86_64
Build information:
Compiler: GNU 10.2.1
Build host: runner-hh8q3bz2-project-575-concurrent-0
OpenSSL version: OpenSSL 1.1.1n 15 Mar 2022
Application information:
General paths:
Config directory: /etc/icinga2
Data directory: /var/lib/icinga2
Log directory: /var/log/icinga2
Cache directory: /var/cache/icinga2
Spool directory: /var/spool/icinga2
Run directory: /run/icinga2
Old paths (deprecated):
Installation root: /usr
Sysconf directory: /etc
Run directory (base): /run
Local state directory: /var
Internal paths:
Package data directory: /usr/share/icinga2
State path: /var/lib/icinga2/icinga2.state
Modified attributes path: /var/lib/icinga2/modified-attributes.conf
Objects path: /var/cache/icinga2/icinga2.debug
Vars path: /var/cache/icinga2/icinga2.vars
PID path: /run/icinga2/icinga2.pid
root@vogon:/etc/apache2/sites-available# icinga2 feature list
Disabled features: command compatlog debuglog elasticsearch gelf graphite influxdb influxdb2 livestatus opentsdb perfdata statusdata syslog
Enabled features: api checker icingadb mainlog notification