Screenshot 2022-12-14 at 10.57.08.png
|
Duplicate |
[ZBX-22080] HTTP agent checks interprets certs permission issue as a key mismatch Created: 2022 Dec 14 Updated: 2022 Dec 14 |
|
| Status: | Confirmed |
| Project: | ZABBIX BUGS AND ISSUES |
| Component/s: | Proxy (P), Server (S) |
| Affects Version/s: | 6.0.12, 6.2.6, 6.4.0beta4 |
| Fix Version/s: | None |
| Type: | Problem report | Priority: | Major |
| Reporter: | Edgar Akhmetshin | Assignee: | Zabbix Development Team |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
RHEL 8.7 |
||
| Attachments: |
Screenshot 2022-12-14 at 10.57.08.png
|
||||
| Issue Links: |
|
||||
| Description |
|
Steps to reproduce:
Result: Cannot perform request: unable to set private key file: '/etc/zabbix/certs/some-key.pem' type PEM This error means that cert/key pair doesn't match each other. But check with: openssl x509 -noout -modulus -in some.pem | openssl md5 (stdin)= cb34074b9c231ffbeb49dcd7f323bc5a openssl rsa -noout -modulus -in some-key.pem | openssl md5 (stdin)= cb34074b9c231ffbeb49dcd7f323bc5a Add permissions, remove permissions from cert file: Cannot perform request: could not load PEM client certificate, OpenSSL error error:0200100D:system library:fopen:Permission denied, (no key found, wrong pass phrase, or wrong file format?) Problem: do not use 'permission deny error' result as a key which doesn't much certificate file. Expected: |
