[icinga-users] After update to 2.0.2 Icinga don't read my old certificate

Alfonso Pace alfonsopace at gmail.com
Thu Aug 7 17:17:05 CEST 2014


Hi, the file exist and I moved the file in your suggested location and
checked the owner and permission but this error not change.
Any suggestion?
How I can configure icinga user and group in exact mode in /etc/passwd and
group in /etc/group?
My user config actually is the following in /etc/passwd:
icinga:x:667:667:icinga:/var/spool/icinga2:/sbin/nologin
I have this group in /etc/group:
icinga:x:667:
Any help is appreciated.
Thanks to all for support.




2014-08-07 15:33 GMT+02:00 Gunnar Beutner <gunnar.beutner at netways.de>:

> Am 07.08.2014 15:25, schrieb Alfonso Pace:
> > Hi,
> > I updated my icinga to 2.0.2 version but I have this error in startup:
> > critical/SSL: Error on bio X509 AUX reading pem file
> > '/root/icinga-ca/icinga2c.crt': 537346050,
> > "error:0200100D:lib(2):func(1):reason(13)"
> > [2014-08-07 15:18:26 +0200] critical/ApiListener: Cannot get
> > certificate from cert path: '/root/icinga-ca/icinga2c.crt'.
>
> This error message is a new feature in 2.0.2. In 2.0.1 Icinga just
> ignored the error but didn't actually properly initialize the API
> listener - which means your cluster could not possibly have worked with
> 2.0.1.
>
> You should check whether the file exists and is accessible by the user
> Icinga 2 is running as. In most cases you'll want to copy them from
> /root into /etc/icinga2/pki and check the file permissions.
>
> >
> > Why, if my old installation (v2.0.1) worked fine before the update,
> > now I have this error?
> > I have my cert in /root/icinga-ca folder and all file have 644
> > permission and own icinga:icinga
> >
> > My api file is this one:
> > object ApiListener "api" {
> > cert_path = "/root/icinga-ca/" + NodeName + ".crt"
> > key_path = "/root/icinga-ca/" + NodeName + ".key"
> > ca_path = "/root/icinga-ca/ca.crt"
> >
> > }
> >
> > It's a bug or when I update to new version, I have to create new
> > certificates?
> > Or it's another problem?
> > Thanks in advance.
> >
> >
> > --
> > --
> > ATTENTION: Privacy Policy – D.L.gs <http://D.L.gs> 196/2003
> > The information contained in this email message are of a private and
> > confidential nature and are exclusively addressed to the person
> > indicated above. In case you have received this email in error, we
> > comunicate to you that by Law, it is forbidden for another person to
> > use, make known, distribute or copy the contents. You are asked to
> > report it immediately, replying to the sender and destroying the
> > contents (including any attached files) without making a copy or
> > reading the contents. The message and the attachments are protected
> > and scanned with an antivirus protection
> >
> >
> > _______________________________________________
> > icinga-users mailing list
> > icinga-users at lists.icinga.org
> > https://lists.icinga.org/mailman/listinfo/icinga-users
>
>
> --
> Gunnar Beutner
> Application Developer
>
> NETWAYS GmbH | Deutschherrnstr. 15-19 | D-90429 Nuernberg
> Tel: +49 911 92885-0 | Fax: +49 911 92885-77
> GF: Julian Hein, Bernd Erk | AG Nuernberg HRB18461
> http://www.netways.de | Gunnar.Beutner at netways.de
>
> ** Open Source Backup Conference 2014 - September - osbconf.org **
> ** Puppet Camp Duesseldorf 2014 - Oktober - netways.de/puppetcamp **
> ** OSMC 2014 - November - netways.de/osmc **
> ** OpenNebula Conf 2014 - Dezember - opennebulaconf.com **
> _______________________________________________
> icinga-users mailing list
> icinga-users at lists.icinga.org
> https://lists.icinga.org/mailman/listinfo/icinga-users
>



-- 
--
ATTENTION: Privacy Policy – D.L.gs 196/2003
The information contained in this email message are of a private and
confidential nature and are exclusively addressed to the person indicated
above. In case you have received this email in error, we comunicate to you
that by Law, it is forbidden for another person to use, make known,
distribute or copy  the contents. You are asked to report it immediately,
replying to the sender and destroying the contents (including any attached
files) without making a copy or reading the contents. The message and the
attachments are protected and scanned with an antivirus protection
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.icinga.org/pipermail/icinga-users/attachments/20140807/b91741cd/attachment.html>


More information about the icinga-users mailing list