The CA role runs the Circonus private Certificate Authority, which handles the SSL communication between stratcon, the brokers, the web UI, and the API, as well as user facing services if so configured.
CA utilizes OpenSSL for its certificate signing. The home directory is in
/opt/circonus/CA. If you are running multiple CA hosts, and/or have a
multi-datacenter deployment, this directory will need to be synced regularly to
all non-primary hosts. A daily sync is recommended.
A single service,
circonus-ca_processor, runs on the CA machine. This
process listens to notifications from the database and signs any pending
Certificate Signing Requests (CSRs), loading the new certificate back into the
If for any reason you are not receiving certificates, either when installing
Circonus or when adding new services or brokers, try restarting the
circonus-ca_processor service. This should cause the service to sign any
pending CSRs and then begin listening again for new entries.