Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-20031

Let's Encrypt's new ISRG Root X1 not trusted in web scenarios

XMLWordPrintable

    • Icon: Incident report Incident report
    • Resolution: Won't fix
    • Icon: Trivial Trivial
    • None
    • 5.4.4
    • Server (S)
    • None

      Steps to reproduce:

      1. Start a zabbix/zabbix-server-pgsql:alpine-5.4.4 docker container with it's related services
      2. In the web GUI, define a host
      3. Create a web scenario pointing on a valid Let's Encrypted domain
      4. In Authentication, check both "SSL verify *" options

      Result:
      Zabbix problems will claim:
      > SSL peer certificate or SSH remote key was not OK: SSL certificate problem: certificate has expired

      Expected:
      No problem with the web scenario

      Suspected:
      The root certificate expiration mentioned here:
      https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
      Not sure how to check which openssl version we are using here.
      Seems like it's < 1.1.0

            zabbix.support Zabbix Support Team
            de LESPINAY Pierre
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: