Add support for TLS
This commit is contained in:
parent
738268d20e
commit
5388e00b05
|
@ -0,0 +1,33 @@
|
|||
{
|
||||
my @encryptions = ();
|
||||
my $psk_file = ${'zabbix-agent'}{'TLSPSKFile'} || '/etc/zabbix/zabbix_agentd.psk';
|
||||
my $psk_id = ${'zabbix-agent'}{'TLSPSKIdentity'} || $SystemName . '.' . $DomainName . '-agent';
|
||||
if (-s $psk_file){
|
||||
push @encryptions, 'psk';
|
||||
$OUT .=<<_EOF;
|
||||
TLSPSKFile=$psk_file
|
||||
TLSPSKIdentity=$psk_id
|
||||
_EOF
|
||||
}
|
||||
|
||||
my $cert = ${'zabbix-agent'}{'TLSCertFile'} || '/etc/zabbix/zabbix_agentd.crt';
|
||||
my $key = ${'zabbix-agent'}{'TLSKeyFile'} || '/etc/zabbix/zabbix_agentd.key';
|
||||
my $ca = ${'zabbix-agent'}{'TLSCAFile'} || '/etc/zabbix/zabbix_agentd.ca';
|
||||
if (-s $cert && -s $key && -s $ca){
|
||||
push @encryptions, 'cert';
|
||||
$OUT .=<<_EOF;
|
||||
TLSCertFile=$cert
|
||||
TLSKeyFile=$key
|
||||
TLSCAFile=$ca
|
||||
_EOF
|
||||
my $issuer = ${'zabbix-agent'}{'TLSServerCertIssuer'} || '';
|
||||
my $subject = ${'zabbix-agent'}{'TLSServerCertSubject'} || '';
|
||||
$OUT .= "TLSServerCertIssuer=$issuer\n" if ($issuer ne '');
|
||||
$OUT .= "TLSServerCertSubject=$subject\n" if ($subject ne '');
|
||||
}
|
||||
my $encryptions = (scalar @encryptions > 0) ? join(',', @encryptions) : 'unencrypted';
|
||||
$OUT .=<<_EOF;
|
||||
TLSConnect=$encryptions
|
||||
TLSAccept=$encryptions
|
||||
_EOF
|
||||
}
|
Loading…
Reference in New Issue