Thanks for the report. I've reassigned the bug to net-snmp, since this is not a nagios-plugins issue.
I'm also having a bit of trouble reproducing this one. I think I generated the certificates correctly by doing:
# net-snmp-cert genca -I -n hostname.example.com # net-snmp-cert gencsr -I -t snmpd -n hostname.example.com --san DNS:snmpd.example.com # net-snmp-cert signcsr -I --with-ca hostname.example.com --csr snmpd # cd /etc/snmp/tls # mv newcerts/*.crt certs/ # chmod a+r certs/* ca-certs/*
I also added the following lines to /etc/snmp/snmpd.conf:
[snmp] localCert /etc/snmp/tls/certs/snmpd.crt [snmp] trustCert /etc/snmp/tls/ca-certs/hostname.example.com.crt
The only debug mode I could find was passing -D to snmpd, so I edited snmpd.service to do that. I can't anything about trustCert on the logs, though.
Could you please provide a more detailed instruction on how to reproduce the failure?
Thanks for the report. I've reassigned the bug to net-snmp, since this is not a nagios-plugins issue.
I'm also having a bit of trouble reproducing this one. I think I generated the certificates correctly by doing:
# net-snmp-cert genca -I -n hostname. example. com example. com --san DNS:snmpd. example. com example. com --csr snmpd
# net-snmp-cert gencsr -I -t snmpd -n hostname.
# net-snmp-cert signcsr -I --with-ca hostname.
# cd /etc/snmp/tls
# mv newcerts/*.crt certs/
# chmod a+r certs/* ca-certs/*
I also added the following lines to /etc/snmp/ snmpd.conf:
[snmp] localCert /etc/snmp/ tls/certs/ snmpd.crt tls/ca- certs/hostname. example. com.crt
[snmp] trustCert /etc/snmp/
The only debug mode I could find was passing -D to snmpd, so I edited snmpd.service to do that. I can't anything about trustCert on the logs, though.
Could you please provide a more detailed instruction on how to reproduce the failure?