Installing Icinga Certificate Monitoring on Amazon Linux¶
The recommended way to install Icinga Certificate Monitoring is to use prebuilt packages from our official release repository. If the repository is not configured yet, please add it first before installing the package.
All packages we provide are signed with the following key.
Adding Icinga Package Repository¶
Info
A paid repository subscription is required for Amazon Linux 2 repositories. Get more information on icinga.com/subscription.
Don’t forget to fill in the username and password section with appropriate credentials in the local .repo file.
Here’s how to add the official release repository:
curl https://packages.icinga.com/subscription/amazon/ICINGA-release.repo -o /etc/yum.repos.d/ICINGA-release.repo
Installing the Package¶
Use your distribution’s package manager to install the icinga-x509
package as follows:
dnf install icinga-x509
yum install icinga-x509
Setting up the Database¶
Setting up a MySQL or MariaDB Database¶
The module needs a MySQL/MariaDB database with the schema that’s provided in the /usr/share/icingaweb2/modules/x509/schema/mysql.schema.sql
file.
You can use the following sample command for creating the MySQL/MariaDB database. Please change the password:
CREATE DATABASE x509;
GRANT CREATE, SELECT, INSERT, UPDATE, DELETE, DROP, ALTER, CREATE VIEW, INDEX, EXECUTE ON x509.* TO x509@localhost IDENTIFIED BY 'secret';
After, you can import the schema using the following command:
mysql -p -u root x509 < /usr/share/icingaweb2/modules/x509/schema/mysql.schema.sql
Setting up a PostgreSQL Database¶
The module needs a PostgreSQL database with the schema that’s provided in the /usr/share/icingaweb2/modules/x509/schema/pgsql.schema.sql
file.
You can use the following sample command for creating the PostgreSQL database. Please change the password:
CREATE USER x509 WITH PASSWORD 'secret';
CREATE DATABASE x509
WITH OWNER x509
ENCODING 'UTF8'
LC_COLLATE = 'en_US.UTF-8'
LC_CTYPE = 'en_US.UTF-8';
After, you can import the schema using the following command:
psql -U x509 x509 -a -f /usr/share/icingaweb2/modules/x509/schema/pgsql.schema.sql
This concludes the installation. You should now be able to import CA certificates and set up scan jobs. Please read the Configuration section for details.