-
Problem report
-
Resolution: Fixed
-
Critical
-
5.0.31, 6.0.13, 6.2.7, 6.4.0rc1
-
None
-
Sprint 98 (Mar 2023), Sprint 99 (Apr 2023)
-
1
Steps to reproduce:
- setup MongoDB with the following configuration:
net: tls: mode: requireTLS
- try to set session definition:
Plugins.MongoDB.System.Path=/usr/sbin/zabbix-agent2-plugin/zabbix-agent2-plugin-mongodb Plugins.MongoDB.Sessions.local.Uri=tcp://<host>:27017 Plugins.MongoDB.Sessions.local.TLSConnect=verify_ca Plugins.MongoDB.Sessions.local.TLSCertFile=/path/to/cert.pem Plugins.MongoDB.Sessions.local.TLSCAFile=/path/to/trusted_ca.pem Plugins.MongoDB.Sessions.local.TLSKeyFile=/path/to/cert.pem
or
Plugins.MongoDB.System.Path=/usr/sbin/zabbix-agent2-plugin/zabbix-agent2-plugin-mongodb Plugins.MongoDB.Sessions.local.TLSConnect=required
Use, for example:
mongodb.ping["{$MONGODB.CONNSTRING}","{$MONGODB.USER}","{$MONGODB.PASSWORD}"]
Result:
Invalid parameters: second parameter "User" cannot be passed along with session.
Expected:
1. Allow to set User and Password from secret macro(or vault) (saving in clear text is not an option if all mongodb instances are using tls without unencrypted options) with TLS
2. Allow to have some encryption defaults - automatically support TLSConnect=required or all to define global settings like:
Plugins.MongoDB.Sessions.*.TLSConnect=verify_ca Plugins.MongoDB.Sessions.*.TLSCertFile=/path/to/cert.pem Plugins.MongoDB.Sessions.*.TLSCAFile=/path/to/trusted_ca.pem Plugins.MongoDB.Sessions.*.TLSKeyFile=/path/to/cert.pem
- part of
-
ZBXNEXT-8330 Default values in Zabbix agent 2 plugin items with Session support
- Closed
- mentioned in
-
Page Loading...