6.0.12, 6.2.6, 6.4.0beta4
Steps to reproduce:
- Try to use HTTP agent with certificates for some endpoint:
- Remove permission from do read from zabbix user/group key file.
Cannot perform request: unable to set private key file: '/etc/zabbix/certs/some-key.pem' type PEM
This error means that cert/key pair doesn't match each other.
But check with:
openssl x509 -noout -modulus -in some.pem | openssl md5 (stdin)= cb34074b9c231ffbeb49dcd7f323bc5a openssl rsa -noout -modulus -in some-key.pem | openssl md5 (stdin)= cb34074b9c231ffbeb49dcd7f323bc5a
Add permissions, remove permissions from cert file:
Cannot perform request: could not load PEM client certificate, OpenSSL error error:0200100D:system library:fopen:Permission denied, (no key found, wrong pass phrase, or wrong file format?)
Problem: do not use 'permission deny error' result as a key which doesn't much certificate file.
Permission deny error. Not key and certificate mismatch.