Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
[dev.icinga.com #12092] Icinga incorrectly disconnects all endpoints if one has a wrong certificate #4341
This issue has been migrated from Redmine: https://dev.icinga.com/issues/12092
Created by lbetz on 2016-07-04 08:03:05 +00:00
I saw it first when a customer reinstalled the icinga server and forgot to backup the CA. After created a new CA, of course all agent had wrong certificates. Now after configured some agents with new and correct certificates the log on this agents show the disconnect to the endpoint on the master/satellite, i.e. log of agent antlia and its parent sculptor:
[2016-07-04 09:52:30 +0200] warning/JsonRpcConnection: API client disconnected for identity 'sculptor'
Data seem to reply to sculptor but only if the heartbeat notices that the connection isn't established.
That means if you have only one wrong cert all other agents with a correct one will be disconnected their connection. From this it follows that you have timing problems in your environment, because all data between endpoints will replied every 30 secs only.