+++ /dev/null
------BEGIN CERTIFICATE-----
-MIICtzCCAiCgAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJERTEQ
-MA4GA1UECAwHQmF2YXJpYTESMBAGA1UEBwwJTnVyZW1iZXJnMRUwEwYDVQQKDAxO
-RVRXQVlTIEdtYkgxHDAaBgNVBAMME0ljaW5nYSBTbmFrZSBPaWwgQ0EwHhcNMTIw
-NDI0MTE0NzQ2WhcNMTMwNDI0MTE0NzQ2WjBeMQswCQYDVQQGEwJERTEQMA4GA1UE
-CAwHQmF2YXJpYTESMBAGA1UEBwwJTnVyZW1iZXJnMRUwEwYDVQQKDAxORVRXQVlT
-IEdtYkgxEjAQBgNVBAMMCWljaW5nYS1jMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
-gYkCgYEAysHrzHs9WfQR4cEUx2hFZQmbM+Ssi5L63yqnzxEvVQ3GlM+uIceK1Kvx
-9EexoUDLhxJOaUmigc6Pcs2mAjcpEwObnzW4pLuMKa7ngGLrnUpmmDXdGoxkCbi7
-CP3s5yC7ZZ6bDiPMhRi/TRvY6+uQf+yew5daA3p87jocgRjhRicCAwEAAaN7MHkw
-CQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2Vy
-dGlmaWNhdGUwHQYDVR0OBBYEFPzsYbQZdbq+pcFJWoenWREW6WhMMB8GA1UdIwQY
-MBaAFNVJHVPJNwqEcG51lpqZJWVPaysFMA0GCSqGSIb3DQEBBQUAA4GBAMLP1GJf
-0hFdrEpGq+NvxTVx7wD30enAot5x2HLx4HuFohQJz/VZ45v+srrA+HEXbBFXPOd4
-nB2XtcDDidFKTt5E03HBwDGGZvnB3f1KXYi7B50imKrwVVzgp5nGBM4hSzWGovEX
-EYofmhk0fQg9qiKQrjwNib/4/b0srwEswfdj
------END CERTIFICATE-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMrB68x7PVn0EeHB
-FMdoRWUJmzPkrIuS+t8qp88RL1UNxpTPriHHitSr8fRHsaFAy4cSTmlJooHOj3LN
-pgI3KRMDm581uKS7jCmu54Bi651KZpg13RqMZAm4uwj97Ocgu2Wemw4jzIUYv00b
-2OvrkH/snsOXWgN6fO46HIEY4UYnAgMBAAECgYBj/1QOG1HcxXT0REe9OP3QoPY8
-l7FJfQnheqYch7syVYL07aBR5Jnh3ZONCLbgcpZuXWbyonBVWMyCsE4Jla7ZYnBB
-plZPMYmzGxEbTM5Bu+PZ0M1NLvdLCRq24IVwTZwBBZ3sr7rVSnAYi2Li0SWQEaCN
-P+PbZP1P9i9WiI+VIQJBAPYBfVWNk3gY1V0YuuH9fmYRBg5/B1qy8bYS9FLVIq2z
-5r7eI1EypcVtyTx6yMmLuWj4mpNOKv5sxQsHalzRo18CQQDS/qPoDqMkDB9r9XeZ
-qS2XQdX6YxzGisqL8vWcZ/Y6YX81qm3Lpp2wEexUXvWXRI5RdguctZFKTVyG/Mic
-C9o5AkAEtvKX+SaiXpd4OUkbm6gYfKsJDBYv/s3zF1nnXH5VpeT+M3Op0raqmfgJ
-WLEQa8UZ5enQeOcKCTudgn7fWIUxAkEAmXWfXP6YZXVzvR+xt08225aEvTItEbKM
-krFJNlLe4aNb1Hp6lO5ALnk6vDq8wSKZqGIFHBtq6vHNZFiix+xO8QJAIZ3pB/Bz
-Il8NjZMg8t/1sJdn32Xe9D0lZRtZTKC8zF/78NDFEo9qqE4Sr1CUfqlx18HXOxCO
-Vg4lv6+jUj+LmA==
------END PRIVATE KEY-----
\ No newline at end of file
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIICtzCCAiCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJERTEQ
-MA4GA1UECAwHQmF2YXJpYTESMBAGA1UEBwwJTnVyZW1iZXJnMRUwEwYDVQQKDAxO
-RVRXQVlTIEdtYkgxHDAaBgNVBAMME0ljaW5nYSBTbmFrZSBPaWwgQ0EwHhcNMTIw
-NDI0MTE0NzU1WhcNMTMwNDI0MTE0NzU1WjBeMQswCQYDVQQGEwJERTEQMA4GA1UE
-CAwHQmF2YXJpYTESMBAGA1UEBwwJTnVyZW1iZXJnMRUwEwYDVQQKDAxORVRXQVlT
-IEdtYkgxEjAQBgNVBAMMCWljaW5nYS1jMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
-gYkCgYEArOcVui1AWojbPuK/7We9uwIBLaOLfBxQRI3+k6PzzjdtaXT4ijT/DSav
-Q5U4wGOLYh0yuSyqS88QX/DsqDGLXnSVs8mT37bioMOw2XinqaNQ6xK4vyi0FYxS
-ewI6YOkYi7135NEaSUgd82hk4wFtiIb67T7hkHRc7Aui6FmT/SkCAwEAAaN7MHkw
-CQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2Vy
-dGlmaWNhdGUwHQYDVR0OBBYEFGvpolD5na6L70kNFO1tYGYIwDhqMB8GA1UdIwQY
-MBaAFNVJHVPJNwqEcG51lpqZJWVPaysFMA0GCSqGSIb3DQEBBQUAA4GBAIhhjKWw
-5JKirNidgG9PuD8x47VsRTkESLlq/pS7KjkE1nWCG9JpR5oVSzx2WXomiaAZ4q2C
-WS1z4HD9HF4NbhY+xVBi0Fj/kotuXCCweRo5EVp7Q4fabm1maJemFwMTHGhBLu7a
-v4dquYyOk9Dhkwcjajyn+KWceCoUTdI3LB2t
------END CERTIFICATE-----
\ No newline at end of file
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAKznFbotQFqI2z7i
-v+1nvbsCAS2ji3wcUESN/pOj8843bWl0+Io0/w0mr0OVOMBji2IdMrksqkvPEF/w
-7Kgxi150lbPJk9+24qDDsNl4p6mjUOsSuL8otBWMUnsCOmDpGIu9d+TRGklIHfNo
-ZOMBbYiG+u0+4ZB0XOwLouhZk/0pAgMBAAECgYEAkbEavslYm7EMRX4dyXcMCaNT
-yNgxNcBJ5qpbpJ6XVuGfoSf+Mb8cV0GMl38K1hpLHb6Kujwntz9ghedmEwfEbcw0
-TkSaNz1+7omM+485S2YvXJyR1kO8eEKONVlGuxgO/ItiR+e1J6wMnY5JhctgRH6W
-aOqy+5Ua1ATIdiOYrI0CQQDku3CNDOipwDmguBIrlxa+6NsATJRjqFmHqWdu2pYh
-KRl3Sypn+LfhdFRbo3licU5a1OqydGmVpRTpQPJO7MoHAkEAwYPQIGZd/60O2LWV
-M5eLnwKrrQSfrQ/Lngz0Qko4Yo913Ef2PC2QQ6p9cOt3vMPZDK5znlzQbBCa6cAH
-tBvzTwJAT+uaaP5wsRdkS17lomt5XB1aoCEh3Cxvk/JCHL6tpEqLBl6yI4AJJ/KQ
-ozBccmQqv5wToWUBm3MB+nph7+fWswJAMKcQQ6UZCvganHeCzJbUXqUQPo7ECoHH
-IrSFEMmSRY1mB3z8NoMKG0kZArPgxc/DmUGfBfi12gWOvSgvh6PjVwJBALKECoe5
-nmxhHTFbs4+UCFTzp6BGtSBdr6to0ID7ykZWT6kBX/BHUnoJUEpDtNLXzbek/KeI
-ymg0LgRkHoWNpLY=
------END PRIVATE KEY-----
\ No newline at end of file
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIICNTCCAZ4CAQQwDQYJKoZIhvcNAQEFBQAwaDELMAkGA1UEBhMCREUxEDAOBgNV
-BAgMB0JhdmFyaWExEjAQBgNVBAcMCU51cmVtYmVyZzEVMBMGA1UECgwMTkVUV0FZ
-UyBHbWJIMRwwGgYDVQQDDBNJY2luZ2EgU25ha2UgT2lsIENBMB4XDTEyMDUwODA3
-MzkxOVoXDTIyMDUwNjA3MzkxOVowXjELMAkGA1UEBhMCREUxEDAOBgNVBAgMB0Jh
-dmFyaWExEjAQBgNVBAcMCU51cmVtYmVyZzEVMBMGA1UECgwMTkVUV0FZUyBHbWJI
-MRIwEAYDVQQDDAlpY2luZ2EtYzMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
-AKFf+UkCgbNtEP0OoeF+K02L5SRlqkkkp6eaieh0IN7NNAxeELcGpZmycv4sHp30
-qv0zDtKU1HYrpm8TEBsz2AoT+J36QT9IysfcWdM9o3WZGMDUVqYBUscurkxBQJCK
-cFwXijTJ8Djn82xVgNUm/E44AdbrIwUlx23yllErx8hfAgMBAAEwDQYJKoZIhvcN
-AQEFBQADgYEAsZOKZQ2+ksPiNTCJrY+uiUZs6lFSbcJ9BHHaAt0ytQPiblufz3xl
-AR5Hza5fHt+lN9aGxM7TWMhjZHhmoctSRz8AW1KZTdbxJhRdbqmBjl95c2wBiDxs
-ERpyU9m9Rp42IjTyU4Vr/yO7DgMcG2k4KYzNquA5O8rqqtPRAp3H6n0=
------END CERTIFICATE-----
\ No newline at end of file
+++ /dev/null
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQChX/lJAoGzbRD9DqHhfitNi+UkZapJJKenmonodCDezTQMXhC3
-BqWZsnL+LB6d9Kr9Mw7SlNR2K6ZvExAbM9gKE/id+kE/SMrH3FnTPaN1mRjA1Fam
-AVLHLq5MQUCQinBcF4o0yfA45/NsVYDVJvxOOAHW6yMFJcdt8pZRK8fIXwIDAQAB
-AoGASJwWXnNySHlam4Jp9DwA3/OCNs5HwIFtrkwqoR0fbSCHusjYXIHxISbZ9uOD
-Iy9jgGno0XeF4WXijTfWl2bMXYWTS7ISMBg96bPZtG/RTdgd1LT69s82a+apbgSd
-bxB64cyn8KtuABfZ9AMR+TV28TDmnGMdhVoaM66iWKv4a4ECQQDNmk3NTZ+s/y5F
-5qOgJqH5yX1hZLLmm8e8lpghqDT43HR3cMJLN6b5oS1UdMcEw1Q6q3hjFl+MbnZa
-AzvzpT9DAkEAyO5YdpbRG1OR7sNmidowvr1NkIjV/C4UuSpGrx9XJFAZkLxEEmMu
-13QssdHjAkX5yFjkoNPC+wA6DeVjtvHatQJBAMG1qavOgKyLV9t/65XOEDm5Pqnu
-KCfhiZQDBp5fTllRy2FlGYmoi2cSFhVGWOQB7G/CchBZWfiDcnpoJanufOUCQGr7
-bKKHnoKcNmEYLOpNABMum7PPB5AjwOjt94CagT1WYKZNdzkLEg+pTXrIM8QsGdhw
-bBqtZW1bK43mivcHQtkCQF+p7LfzmPo9uzRrOfjgTDYLuh3MD8EKNs0M6l15UqbQ
-nfBBE0oIPH4j+K++7xWUQ7vbiyBc7C7H3NZeE6xqfS0=
------END RSA PRIVATE KEY-----
\ No newline at end of file
--- /dev/null
+local object application "icinga" {
+ ca = "ca.crt",
+ cert = "icinga-c2.pem"
+}
+
+local object component "checker" {
+}
+
+local object component "discovery" {
+ broker = 0
+}
+
+/* trusted upstream endpoint */
+local object endpoint "icinga-c1" {
+ node = "192.168.5.46",
+ service = 7777,
+
+ roles = { "all" }
+}
+
+local object role "all" {
+ publications = { "*" },
+ subscriptions = { "*" }
+}
+
--- /dev/null
+local object application "icinga" {
+ cert = "icinga-c3.pem",
+ ca = "ca.crt"
+}
+
+local object component "checker" {
+}
+
+local object component "discovery" {
+ broker = 0
+}
+
+/* trusted upstream endpoint */
+local object endpoint "icinga-c1" {
+ node = "192.168.5.46",
+ service = 7777,
+
+ roles = { "all" }
+}
+
+local object role "all" {
+ publications = { "*" },
+ subscriptions = { "*" }
+}
local object application "icinga" {
- privkey = "icinga-c1.key",
- pubkey = "icinga-c1.crt",
- cakey = "ca.crt",
+ ca = "ca.crt",
+ cert = "icinga-c1.pem",
node = "10.0.10.14",
service = 7777
local object application "icinga" {
- privkey = "icinga-c2.key",
- pubkey = "icinga-c2.crt",
+ ca = "ca.crt",
+ cert = "icinga-c2.pem",
- cakey = "ca.crt",
node = "192.168.2.235",
service = 7777
}
local object application "icinga" {
- privkey = "icinga-c3.key",
- pubkey = "icinga-c3.crt",
- cakey = "ca.crt",
+ ca = "ca.crt",
+ cert = "icinga-c3.pem",
node = "10.0.10.14",
service = 9999
if (!icingaConfig->IsLocal())
throw runtime_error("'icinga' application object must be 'local'.");
- icingaConfig->GetProperty("privkey", &m_PrivateKeyFile);
- icingaConfig->GetProperty("pubkey", &m_PublicKeyFile);
- icingaConfig->GetProperty("cakey", &m_CAKeyFile);
+ icingaConfig->GetProperty("cert", &m_CertificateFile);
+ icingaConfig->GetProperty("ca", &m_CAFile);
icingaConfig->GetProperty("node", &m_Node);
icingaConfig->GetProperty("service", &m_Service);
- if (!GetPrivateKeyFile().empty() && !GetPublicKeyFile().empty() && !GetCAKeyFile().empty()) {
+ if (!GetCertificateFile().empty() && !GetCAFile().empty()) {
/* set up SSL context */
- shared_ptr<X509> cert = Utility::GetX509Certificate(GetPublicKeyFile());
+ shared_ptr<X509> cert = Utility::GetX509Certificate(GetCertificateFile());
string identity = Utility::GetCertificateCN(cert);
Application::Log(LogInformation, "icinga", "My identity: " + identity);
m_EndpointManager->SetIdentity(identity);
- shared_ptr<SSL_CTX> sslContext = Utility::MakeSSLContext(GetPublicKeyFile(), GetPrivateKeyFile(), GetCAKeyFile());
+ shared_ptr<SSL_CTX> sslContext = Utility::MakeSSLContext(GetCertificateFile(), GetCertificateFile(), GetCAFile());
m_EndpointManager->SetSSLContext(sslContext);
}
UnregisterComponent(component);
}
-string IcingaApplication::GetPrivateKeyFile(void) const
+string IcingaApplication::GetCertificateFile(void) const
{
- return m_PrivateKeyFile;
+ return m_CertificateFile;
}
-string IcingaApplication::GetPublicKeyFile(void) const
+string IcingaApplication::GetCAFile(void) const
{
- return m_PublicKeyFile;
-}
-
-string IcingaApplication::GetCAKeyFile(void) const
-{
- return m_CAKeyFile;
+ return m_CAFile;
}
string IcingaApplication::GetNode(void) const
EndpointManager::Ptr GetEndpointManager(void);
- string GetPrivateKeyFile(void) const;
- string GetPublicKeyFile(void) const;
- string GetCAKeyFile(void) const;
+ string GetCertificateFile(void) const;
+ string GetCAFile(void) const;
string GetNode(void) const;
string GetService(void) const;
private:
EndpointManager::Ptr m_EndpointManager;
- string m_PrivateKeyFile;
- string m_PublicKeyFile;
- string m_CAKeyFile;
+ string m_CertificateFile;
+ string m_CAFile;
string m_Node;
string m_Service;
projects / icinga2 / commitdiff