Zabbix Documentation 3.0 (current)| In development:5.0 (devel)| Unsupported:

User Tools

Site Tools



This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
manual:encryption:troubleshooting:psk_problems [2019/03/14 09:11]
viktors.tjarve added case where sender with TLS and server without TLS are used
manual:encryption:troubleshooting:psk_problems [2019/12/03 08:50]
martins-v describing instance of psk value too long
Line 38: Line 38:
   ...Message from is missing header. Message ignored.   ...Message from is missing header. Message ignored.
-=== Using Zabbix sender compiled with TLS support to send data to Zabbix server/​proxy compiled without TLS === +This problem typically arises when upgrading OpenSSL from 1.0.x or 1.1.0 to 1.1.1 and if the PSK value is longer than 512-bit ​(64-byte ​PSK, entered as 128 hexadecimal digits).
- +
-In connecting-side log: +
-  ​...In zbx_tls_init_child() +
-  ​...OpenSSL library (version OpenSSL ​1.1.1  11 Sep 2018) initialized +
-  ... +
-  ...In zbx_tls_connect(): psk_identity:"​PSK test sender"​ +
-  ...End of zbx_tls_connect():FAIL error:'​connection closed by peer'​ +
-  ​...send value error: TCP successful, cannot establish TLS to [[localhost]:​10051]:​ connection closed by peer +
- +
-In accepting-side log: +
-  ...failed to accept an incoming connection: from support for TLS was not compiled in+
 See also: [[:​manual/​encryption/​using_pre_shared_keys#​size_limits|Value size limits]] See also: [[:​manual/​encryption/​using_pre_shared_keys#​size_limits|Value size limits]]