[ZBXNEXT-3777] Central management for PSK and identities through the gui Created: 2017 Apr 05 Updated: 2020 Jul 03 |
|
Status: | Open |
Project: | ZABBIX FEATURE REQUESTS |
Component/s: | Documentation (D), Frontend (F) |
Affects Version/s: | 3.2.4 |
Fix Version/s: | None |
Type: | New Feature Request | Priority: | Minor |
Reporter: | Wolfgang Alper | Assignee: | Unassigned |
Resolution: | Unresolved | Votes: | 6 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Zabbix 3.2 and above |
Issue Links: |
|
Description |
Starting with Zabbix version 3.0, one can encrypt communication between zabbix server/proxies and agents/cmd tools using a PSK. This requires a unique identity string per host. When using different PSK/Identities, it would make management more easy, if there would be a central place to mange the identies and have a sort of dropdown or similar to select those unassigned identities within the host configuration. Also, currently one can setup the same identity with different PSKs across multiple hosts, which is a misconfiguration. Maybe there could be a check to warn the user if an identity already exists, but with a different PSK (or maybe an internal item that checks for integrity). Currently, the only way to get an overview for used identities is to query the database: select h.host, h.tls_accept, h.tls_psk, h.tls_psk_identity from hosts as h where h.tls_psk_identity != '' |
Comments |
Comment by Wolfgang Alper [ 2017 Apr 05 ] |
One note: The Server log shows a misconfiguration. Example: |