Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
[dev.icinga.com #12309] Icinga2 Clients are not connecting to their server #4433
This issue has been migrated from Redmine: https://dev.icinga.com/issues/12309
Created by balu on 2016-08-04 06:41:22 +00:00
I do not know, if it is a bug or it is my fault of a wrong configuration.
I have installed CentOS 7 with all updates to Aug 03 2016 and the packages of Icinga2 repo.
As backend postgresql as the preferred database. All clients are the same OS and updates. On the server, I did a node wizard setup with master settings for creating the salt and the certificates. On the client, I did this with client settings. Every step like its documented in your wiki. (it is not the fist setup)
Log of the client
Log of the server
This seems a certificate issue. But if I do this command:
The CA of server and client are identical. I tested this with openssl connect and it says OK. Do I have missed something?
Thank you very much,
Updated by balu on 2016-08-04 08:07:58 +00:00
Okay there is a mismatch between ido-pgsql. The daemon says, it necessary to install 1.14.1, but I am using 1.14.0.
For troubleshooting reason I disabled the ido. Now it works with 'icinga2 node update-config'
Updated by mfriedrich on 2016-08-04 08:14:58 +00:00
The snapshot packages target 2.5.0 which involves an IDO schema upgrade found in upgrade/2.5.0.sql. Right now there are no more schema changes expected so you can safely upgrade it. If you prefer to step back to 2.4.10 for the time being, its backwards compatible (running 2.4.10 with 1.14.1 works, tested).
Updated by mfriedrich on 2016-08-04 08:19:46 +00:00
We've been heavily testing this fix and other related issues in a customer environment in the past weeks. Once we resolve the remaining notification issues the next release will be 2.5.0 including all of them, including the faulty client disconnect inherited from other ssl errors (other clients with wrong CA, and so on).