Uploaded image for project: 'ZABBIX FEATURE REQUESTS'
  1. ZABBIX FEATURE REQUESTS
  2. ZBXNEXT-3777

Central management for PSK and identities through the gui

    Details

    • Type: New Feature Request
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 3.2.4
    • Fix Version/s: None
    • Labels:
      None
    • Environment:
      Zabbix 3.2 and above

      Description

      Starting with Zabbix version 3.0, one can encrypt communication between zabbix server/proxies and agents/cmd tools using a PSK. This requires a unique identity string per host.

      When using different PSK/Identities, it would make management more easy, if there would be a central place to mange the identies and have a sort of dropdown or similar to select those unassigned identities within the host configuration.

      Also, currently one can setup the same identy with different PSKs across multiple hosts, which is a misconfiguration. Maybe there could be a check to warn the user if an identity already exists, but with a different PSK. (or maybe an internal item that checks for integrity)

      Currently, the only way to get an overview for used identities is to query the database:
      select h.host, h.tls_accept, h.tls_psk, h.tls_psk_identity from hosts as h where h.tls_psk_identity != ''

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              wolfgang.alper Wolfgang Alper
            • Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated: