Icinga CA trusted system wide on Windows #825
Description
Icinga uses its own local Certificate Authority to handle certificates between masters, satellites and agents. On Windows servers, the Icinga CA is stored under "Trusted Root Certification Authorities" and "Third-Party Root Certification Authorities" making it trusted system wide.
Should the Icinga CA be trusted only for the Icinga service and not system wide? If so, what is the recommended approach to restrict its trust to only Icinga related components?