Hi.
Setting up e-mail notifications in Zabbix. If use SSL/TLS in setting - get a message:
failed to send email: Out of memory: SSL: couldn't create a context: error:140A90A1:SSL routines:SSL_CTX_new:library has no ciphers
Sending e-mails via plain SMTP works fine, but none of the options including SSL/TLS led to this error.
System details:
Altlinux 4.9.71-std-def-alt0.M80P.1
zabbix-server-pgsql-4.0.4-alt1
libssl10-1.0.2n-alt0.M80P.1
openssl-1.0.2n-alt0.M80P.1
libssl1.1-1.1.0j-alt1
16394:20190301:185036.513 Starting Zabbix Server. Zabbix 4.0.4 (revision 89349).
16394:20190301:185036.513 ****** Enabled features ******
16394:20190301:185036.513 SNMP monitoring: YES
16394:20190301:185036.513 IPMI monitoring: YES
16394:20190301:185036.513 Web monitoring: YES
16394:20190301:185036.513 VMware monitoring: YES
16394:20190301:185036.513 SMTP authentication: YES
16394:20190301:185036.513 Jabber notifications: YES
16394:20190301:185036.513 Ez Texting notifications: YES
16394:20190301:185036.513 ODBC: YES
16394:20190301:185036.513 SSH2 support: YES
16394:20190301:185036.513 IPv6 support: YES
16394:20190301:185036.513 TLS support: YES
16394:20190301:185036.513 ******************************
Haven`t found anything related to zabbix AND this problem on the internet, but it seems that people have similar problem (SSL library has no ciphers)with other software...
Any workarounds?
upd: updating to openssl-1.1.0j-alt1 didn`t solve the problem...
Setting up e-mail notifications in Zabbix. If use SSL/TLS in setting - get a message:
failed to send email: Out of memory: SSL: couldn't create a context: error:140A90A1:SSL routines:SSL_CTX_new:library has no ciphers
Sending e-mails via plain SMTP works fine, but none of the options including SSL/TLS led to this error.
System details:
Altlinux 4.9.71-std-def-alt0.M80P.1
zabbix-server-pgsql-4.0.4-alt1
libssl10-1.0.2n-alt0.M80P.1
openssl-1.0.2n-alt0.M80P.1
libssl1.1-1.1.0j-alt1
16394:20190301:185036.513 Starting Zabbix Server. Zabbix 4.0.4 (revision 89349).
16394:20190301:185036.513 ****** Enabled features ******
16394:20190301:185036.513 SNMP monitoring: YES
16394:20190301:185036.513 IPMI monitoring: YES
16394:20190301:185036.513 Web monitoring: YES
16394:20190301:185036.513 VMware monitoring: YES
16394:20190301:185036.513 SMTP authentication: YES
16394:20190301:185036.513 Jabber notifications: YES
16394:20190301:185036.513 Ez Texting notifications: YES
16394:20190301:185036.513 ODBC: YES
16394:20190301:185036.513 SSH2 support: YES
16394:20190301:185036.513 IPv6 support: YES
16394:20190301:185036.513 TLS support: YES
16394:20190301:185036.513 ******************************
Code:
# openssl ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:DH-DSS-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DH-RSA-AES256-SHA256:DH-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DH-RSA-AES256-SHA:DH-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DH-RSA-CAMELLIA256-SHA:DH-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:DH-DSS-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DH-RSA-AES128-SHA256:DH-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DH-RSA-AES128-SHA:DH-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DH-RSA-SEED-SHA:DH-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DH-RSA-CAMELLIA128-SHA:DH-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:IDEA-CBC-SHA:PSK-AES128-CBC-SHA:KRB5-IDEA-CBC-SHA:KRB5-IDEA-CBC-MD5:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:PSK-RC4-SHA:KRB5-RC4-SHA:KRB5-RC4-MD5:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:SRP-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DH-RSA-DES-CBC3-SHA:DH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:PSK-3DES-EDE-CBC-SHA:KRB5-DES-CBC3-SHA:KRB5-DES-CBC3-MD5
Any workarounds?
upd: updating to openssl-1.1.0j-alt1 didn`t solve the problem...
Comment