This file is indexed.

/usr/bin/icinga2-build-ca is in icinga2-common 2.1.1-1.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
#!/bin/sh
ICINGA2PKIDIR=/usr/share/icinga2/pki

. $ICINGA2PKIDIR/pkifuncs

check_pki_dir

if [ `ls -1 -- $ICINGA_CA | wc -l` != 0 ]; then
	echo "The Icinga CA directory must be empty." >&2
	exit 1
fi

chmod 700 $ICINGA_CA >/dev/null 2>&1

echo '01' > $ICINGA_CA/serial
touch $ICINGA_CA/index.txt

cp $ICINGA2PKIDIR/vars $ICINGA_CA/
. $ICINGA_CA/vars

KEY_DIR=$ICINGA_CA openssl req -config $ICINGA2PKIDIR/openssl-quiet.cnf -new -newkey rsa:4096 -x509 -days 3650 -keyform PEM -keyout $ICINGA_CA/ca.key -outform PEM -out $ICINGA_CA/ca.crt && \
	chmod 600 $ICINGA_CA/ca.key && \
	echo -e "\n\tIf you want to change the default settings for server certificates check out \"$ICINGA_CA/vars\".\n"