Uploaded image for project: 'ZABBIX FEATURE REQUESTS'
  1. ZABBIX FEATURE REQUESTS
  2. ZBXNEXT-9789

Introduce TLSAcceptMode=required for Zabbix server and Zabbix proxy

XMLWordPrintable

    • Icon: Change Request Change Request
    • Resolution: Unresolved
    • Icon: Trivial Trivial
    • None
    • 7.0.10rc1, 7.2.4rc1, 7.4.0alpha1
    • Proxy (P), Server (S)
    • None

      There should be option that would require encrypted connections to Zabbix server and Zabbix proxy trapper port, all unencrypted connections must be dropped immediately when detected that there will be no handshake.

      Whitelist for unencrypted connections could remain as StatsAllowedIP=127.0.0.1
      If StatsAllowedIP=127.0.0.1 is commented out then no unencrypted connection should be allowed

            wiper Andris Zeila
            vso Vladislavs Sokurenko
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: