Modifying Spine configuration to use Self-Signed Certificates
If you are leveraging Cacti’s ‘spine’ collector, you can enable SSL communications.
- Modify the spine.conf file, usually located in
/usr/local/spine/etc/spine.conf, as follows:
DB_UseSSL 1 DB_SSL_Key /etc/certs/mysql/client-key.pem DB_SSL_Cert /etc/certs/mysql/client-cert.pem DB_SSL_CA /etc/certs/mysql/ca.pem - Perform a test run on Spine to test the connection (but not actually write any data back to the database):
cd /usr/local/spine/bin/ ./spine -R -V 3 -f 1 -l 100 -S
Note: Once you have the spine command running properly, you do not have to make any additional
changes. The Cacti data collector will pick up these changes automatically the next time it runs
from Crontab.