Hi,
I used the following tutorial to try and setup certificate encryption: https://hub.packtpub.com/encrypting-zabbix-traffic/
However when I run zabbix_get, I get the error "unknown CA".
How do I fix this?
I even added the subject and issuer option to zabbix_agent.conf to try things out, but no luck...
Any advice or a good tutorial?
I used the following tutorial to try and setup certificate encryption: https://hub.packtpub.com/encrypting-zabbix-traffic/
However when I run zabbix_get, I get the error "unknown CA".
Code:
# zabbix_get -s 127.0.0.1 -k system.cpu.load --tls-connect cert --tls-ca-file /etc/zabbix/ssl/zabbix_ca.crt --tls-cert-file /etc/zabbix/ssl/zabbix_server.crt --tls-key-file /etc/zabbix/ssl/zabbix_server.key --tls-agent-cert-issuer "CN=Signing CA,OU=Development group,O=Zabbix SIA,DC=zabbix,DC=com" --tls-agent-cert-subject "CN=Zabbix proxy,OU=Development group,O=Zabbix SIA,DC=zabbix,DC=co" zabbix_get [21701]: Get value error: TCP successful, cannot establish TLS to [[127.0.0.1]:10050]: unable to get local issuer certificate: SSL_connect() set result code to SSL_ERROR_SSL: file ../ssl/statem/statem_clnt.c line 1230: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed: TLS write fatal alert "unknown CA"
I even added the subject and issuer option to zabbix_agent.conf to try things out, but no luck...
Any advice or a good tutorial?
Comment