Hi Carl, your suggestion was perfectly!!! The master server don't read the .crt file. I changed proprietary of file with chown and restored the user icinga in the file /etc/sysconfig/icinga2. Now work fine!!! Thanks in advance!!! ;)
2014-07-25 13:05 GMT+02:00 Carl R. Friend <crfri...@rcn.com>: > On Fri, 25 Jul 2014, Alfonso Pace wrote: > > ICINGA2_USER=root >> ICINGA2_GROUP=root >> ICINGA2_COMMAND_USER=root >> ICINGA2_COMMAND_GROUP=root >> > > Do not do the above. As has been stated before, it's neither > recommended nor supported and can open your system up to a whole > raft of problems security-wise. Just don't do it. Your security > auditor will ignore you if you run as non-root and will crucify > you if you do; the former is preferred. > > If I start the daemons with icinga users (user and group setted in >> /etc/sysconfig/icinga2) the system return this error. >> *CONFIGURATION WITCH CAUSE ERROR critical/ApiListener: SSL context is >> required for AddListener()* >> > > Are there any errors emitted before that final critical? If so, > what are they? Do they pertain to permissions issues (e.g. "cannot > open file "foo.cert")? The odds are that you have permissioning > issues which render some critical component of the SSL path unreadable > and that's what's causing the issue. Find that and the rest should > fall into place naturally. There are various Linux tools to assist > you in this quest (e.g. "strace") if the Icinga2 code doesn't emit a > useful diagnostic. Read The Friendly Manual. > > Cheers! > > +------------------------------------------------+---------------------+ > | Carl Richard Friend (UNIX Sysadmin) | West Boylston | > | Minicomputer Collector / Enthusiast | Massachusetts, USA | > | mailto:crfri...@rcn.com +---------------------+ > | http://users.rcn.com/crfriend/museum | ICBM: 42:22N 71:47W | > +------------------------------------------------+---------------------+ > _______________________________________________ > icinga-users mailing list > icinga-users@lists.icinga.org > https://lists.icinga.org/mailman/listinfo/icinga-users > -- -- ATTENTION: Privacy Policy – D.L.gs 196/2003 The information contained in this email message are of a private and confidential nature and are exclusively addressed to the person indicated above. In case you have received this email in error, we comunicate to you that by Law, it is forbidden for another person to use, make known, distribute or copy the contents. You are asked to report it immediately, replying to the sender and destroying the contents (including any attached files) without making a copy or reading the contents. The message and the attachments are protected and scanned with an antivirus protection
_______________________________________________ icinga-users mailing list icinga-users@lists.icinga.org https://lists.icinga.org/mailman/listinfo/icinga-users
