Zabbix Documentation 3.0

3.04.04.4 (current)| In development:5.0 (devel)| Unsupported:1.82.02.22.43.23.44.2Guidelines

User Tools

Site Tools


manual:encryption:troubleshooting:psk_problems

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
manual:encryption:troubleshooting:psk_problems [2019/03/14 09:11]
viktors.tjarve added case where sender with TLS and server without TLS are used
manual:encryption:troubleshooting:psk_problems [2019/12/03 08:50]
martins-v describing instance of psk value too long
Line 38: Line 38:
   ...Message from 123.123.123.123 is missing header. Message ignored.   ...Message from 123.123.123.123 is missing header. Message ignored.
  
-=== Using Zabbix sender compiled with TLS support to send data to Zabbix server/​proxy compiled without TLS === +This problem typically arises when upgrading OpenSSL from 1.0.x or 1.1.0 to 1.1.1 and if the PSK value is longer than 512-bit ​(64-byte ​PSK, entered as 128 hexadecimal digits).
- +
-In connecting-side log: +
-  ​...In zbx_tls_init_child() +
-  ​...OpenSSL library (version OpenSSL ​1.1.1  11 Sep 2018) initialized +
-  ... +
-  ...In zbx_tls_connect(): psk_identity:"​PSK test sender"​ +
-  ...End of zbx_tls_connect():FAIL error:'​connection closed by peer'​ +
-  ​...send value error: TCP successful, cannot establish TLS to [[localhost]:​10051]:​ connection closed by peer +
- +
-In accepting-side log: +
-  ...failed to accept an incoming connection: from 127.0.0.1: support for TLS was not compiled in+
  
 See also: [[:​manual/​encryption/​using_pre_shared_keys#​size_limits|Value size limits]] See also: [[:​manual/​encryption/​using_pre_shared_keys#​size_limits|Value size limits]]