Zabbix tries to load client certificate when using TLS, even if not needed

XMLWordPrintable

    • Type: Problem report
    • Resolution: Won't fix
    • Priority: Trivial
    • None
    • Affects Version/s: 7.0.10
    • Component/s: Proxy (P), Server (S)
    • None
    • Sprint candidates
    • 2

      When a TLS connection to the database is used (DBTLSConnect=required), Zabbix Server always tries to load the client certificate if a path is provided (db_tls_cert_file). This happens even if certificate authentication is not enabled. As a result, under enforced SELinux policies, the server fails to access the certificate file, leading to connection errors.

            Assignee:
            Zabbix Development Team
            Reporter:
            Piotr Wegrzyn
            Team B
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - Not Specified
                Not Specified
                Logged:
                Time Spent - 9h
                9h