Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-9879

https monitoring breaks when TLS V1.0 protocol disallowed

    Details

      Description

      Agent checks for net.tcp.service[https...] as well as web scenarios broke when target server was reconfigured to disallow TLS V1.0 protocol (forcing TLS 1.1, 1.2). Web scenario reports error message "SSL connect error: Encountered end of file".

      Underlying issue with curl (shell command) attempting to connect to same URL generates "NSS error -5938 (PR_END_OF_FILE_ERROR)" and error 35, but forcing protocol with '--tlsv1.1' option does connect happily. However, no way to do this in UI, and it's not clear why current implementation won't negotiate >= 1.1 since it's capable.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              kmp K. M. Peterson
            • Votes:
              18 Vote for this issue
              Watchers:
              26 Start watching this issue

              Dates

              • Created:
                Updated: