Hi,
I am attempting to implement a proxy into our Zabbix setup, although all hosts monitored through the proxy are receiving PSK errors. I am not having any issues with the hosts when monitoring without the proxy. I have attempted to configure new hosts and re-configure existing hosts, but they receive the same errors.
I am running version 4.4.4 across the Zabbix server, proxy and agent.
This is all running on CentOS 7.7 servers.
Errors on Zabbix Server
Errors on Zabbix Agent (Monitored Host)
Errors on Proxy
Zabbix Agent (Monitored Host) Config
Frontend is configured with PSK encryption TO and FROM host.
Proxy Config
Frontend is configured with PSK encryption FROM proxy (TO option is grayed out).
Any assistance in troubleshooting this issue would be greatly appreciated.
I am attempting to implement a proxy into our Zabbix setup, although all hosts monitored through the proxy are receiving PSK errors. I am not having any issues with the hosts when monitoring without the proxy. I have attempted to configure new hosts and re-configure existing hosts, but they receive the same errors.
I am running version 4.4.4 across the Zabbix server, proxy and agent.
This is all running on CentOS 7.7 servers.
Errors on Zabbix Server
Code:
autoregistration from "HOST-IP" denied (host:"HOSTNAME" ip:"HOST-IP" port:10050): connection type "TLS with PSK" is not allowed for autoregistration
Code:
cannot send list of active checks to "HOST-IP": host [HOSTNAME] not found
Code:
active check configuration update from [PROXY-IP:10051] started to fail (TCP successful, cannot establish TLS to [[PROXY-IP]:10051]: SSL_connect() set result code to SSL_ERROR_SSL: file s3_pkt.c line 1493: error:1409445B:SSL routines:ssl3_read_bytes:reason(1115): SSL alert number 115: TLS read fatal alert "unknown PSK identity")
Code:
cannot find requested PSK identity "HOSTNAME-RANDOM_DIGITS"
Code:
failed to accept an incoming connection: from HOST-IP: TLS handshake set result code to 1: file s3_srvr.c line 2819: error:1408B0DF:SSL routines:ssl3_get_client_key_exchange:psk identity not found: TLS write fatal alert "unknown PSK identity"
Zabbix Agent (Monitored Host) Config
Code:
Server=PROXY-IP ServerActive=PROXY-IP TLSConnect=psk TLSAccept=psk TLSPSKIdentity=HOSTNAME-RANDOM_DIGITS TLSPSKFile=/etc/zabbix/zabbix_agent.psk
Proxy Config
Code:
Server=ZABBIX-SERVER-IP TLSConnect=psk TLSAccept=psk TLSPSKIdentity=HOSTNAME-RANDOM_DIGITS TLSPSKFile=/etc/zabbix/zabbix_proxy.psk
Any assistance in troubleshooting this issue would be greatly appreciated.
Comment