-
Type:
Patch request
-
Resolution: Won't fix
-
Priority:
Trivial
-
None
-
Affects Version/s: 6.0.21
-
Component/s: Proxy (P)
-
None
-
Environment:Ubuntu20.04, Zabbix 6.0 LTS in all components (servers, proxies, agents). Only zabbix_agent2.
Steps to reproduce:
- Zabbix agent configured with TLS-PSK encryption. "TLSConnect=psk" and "TLSAccept=psk" in zabbix_agent2.conf
- Host with zabbix_agent2 registered into server with TLS-PSK option for Connection to host and Connection from host. Same TLS-PSK identity and secret for both configuration (to host / from host)
- Two zabbix proxies registered into server as passive proxies. Both with TLS-PSK configuration (Connection to proxy) correctly configured.
- Agents with "Server=proxy1,proxy2" and "ServerActive=proxy1,proxy2" configured in zabbix_agent2.conf
- Agent assigned to proxy1 in server
- Templates with active and passive checks assigned to agent
Result:
- Everything working fine and as expected. Server displays metrics and collects/receive data for agent checks (passive and active)
- "Standby" proxy (proxy2) logging messages continuously (every 3 seconds per each agent) like below:
Sep 15 13:32:09 proxy2.zabbix.lan zabbix_proxy[604517]: cannot find requested PSK identity "agent1.corp.lan_C11e" Sep 15 13:32:09 proxy2.zabbix.lan zabbix_proxy[604517]: failed to accept an incoming connection: from 10.13.25.2: TLS handshake set result code to 1: file ../ssl/t1_lib.c line 2750: error:14201076:SSL routines:tls_choose_sigalg:no suitable signature algorithm: TLS write fatal alert "handshake failure"
Expected:
- Everything working fine and as expected.
- No noise messages are logged into "Standby" proxy (proxy2).
- duplicates
-
ZBXNEXT-5911 Automatically distribute hosts between proxies
-
- Closed
-