directory for SSL keys: mkdir -p /etc/httpd/ssl/private chmod 700 /etc/httpd/ssl/private Create SSL certificate: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/httpd/ssl/private/apache-selfsigned LDER%\mykey.psk"^ TLSCAFILE="c:\temp\f.txt1"^ TLSCRLFILE="c:\temp\f.txt2"^ TLSSERVERCERTISSUER="My CA"^ TLSSERVERCERTSUBJECT="My Cert"^ TLSCERTFILE="c:\temp\f.txt5"^ TLSKEYFILE="c:\temp\f.txt6"^ ENABLEPATH=1^ environment variables /var/lib/zabbix/ssl/certs The volume is used as location of SSL client certificate files for client authentication. It is the SSLCertLocation parameter in zabbix_server.conf

modified. The Configure DB connection step of Zabbix web interface now features a new checkbox Verify certificate with additional options appearing upon marking it. Parameters that are unavailable in the particular ASAv SNMP - monitoring of Cisco Adaptive Security Virtual Appliance (ASAv) via SNMP; • Website certificate by Zabbix agent 2 - native monitoring of TLS/SSL website certificates by Zabbix agent 2. You can directory for SSL keys: mkdir -p /etc/httpd/ssl/private chmod 700 /etc/httpd/ssl/private Create SSL certificate: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/httpd/ssl/private/apache-selfsigned

directory for SSL keys: mkdir -p /etc/httpd/ssl/private chmod 700 /etc/httpd/ssl/private Create SSL certificate: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/httpd/ssl/private/apache-selfsigned environment variables /var/lib/zabbix/ssl/certs The volume is used as location of SSL client certificate files for client authentication. It is the SSLCertLocation parameter in zabbix_server.conf parameter in zabbix_server.conf /var/lib/zabbix/ssl/ssl_ca The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is the SSLCALocation parameter in zabbix_server

verify_ca - connect using TLS and verify certificate; 17 • verify_full - connect using TLS, verify certificate and verify that database identity (CN) specified by DBHost matches its certificate; Zabbix in the Configure DB connection step to enable transport encryption. • Mark the Verify database certificate checkbox that appears when TLS encryption field is checked to enable encryption with certificates Database TLS CA file Specify the full path to a valid TLS certificate authority (CA) file. Database TLS key file Specify the full path to a valid TLS key file. Database TLS certificate file Specify the

Cloudflare by HTTP - monitoring of Cloudflare web traffic and DNS metrics via HTTP; • Website certificate by Zabbix agent 2 - native monitoring of TLS/SSL website certificates by Zabbix agent 2. You can directory for SSL keys: mkdir -p /etc/httpd/ssl/private chmod 700 /etc/httpd/ssl/private Create SSL certificate: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/httpd/ssl/private/apache-selfsigned available with either MySQL/PostgreSQL database and Apache/Nginx webserver support. Note: Verify CA encryption mode doesn’t work on RHEL 7 with MySQL due to older MySQL libraries. Zabbix agent packages

directory for SSL keys: mkdir -p /etc/httpd/ssl/private chmod 700 /etc/httpd/ssl/private Create SSL certificate: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/httpd/ssl/private/apache-selfsigned environment variables /var/lib/zabbix/ssl/certs The volume is used as location of SSL client certificate files for client authentication. It is the SSLCertLocation parameter in zabbix_server.conf in zabbix_server.conf 61 /var/lib/zabbix/ssl/ssl_ca The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is the SSLCALocation parameter in zabbix_server

username, and password; • TLS encryption parameters: location of the top-level CA(s) certificate, MQTT certificate or certificate chain, private key. All of the new parameters are optional. JavaScript preprocessing for SSL keys: mkdir -p /etc/httpd/ssl/private chmod 700 /etc/httpd/ssl/private Create the SSL certificate: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/httpd/ssl/private/apache-selfsigned Zabbix sender are available on Zabbix Official Repository for SLES 15 and SLES 12. Note: Verify CA encryption mode doesn’t work on SLES 12 (all minor OS versions) with MySQL due to older MySQL libraries

directory for SSL keys: mkdir -p /etc/httpd/ssl/private chmod 700 /etc/httpd/ssl/private Create SSL certificate: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/httpd/ssl/private/apache-selfsigned Zabbix sender are available on Zabbix Official Repository for SLES 15 and SLES 12. Note: Verify CA encryption mode doesn’t work on SLES 12 (all minor OS versions) with MySQL due to older MySQL libraries LDER%\mykey.psk"^ TLSCAFILE="c:\temp\f.txt1"^ TLSCRLFILE="c:\temp\f.txt2"^ TLSSERVERCERTISSUER="My CA"^ TLSSERVERCERTSUBJECT="My Cert"^ TLSCERTFILE="c:\temp\f.txt5"^ TLSKEYFILE="c:\temp\f.txt6"^ ENABLEPATH=1^

directory for SSL keys: mkdir -p /etc/httpd/ssl/private chmod 700 /etc/httpd/ssl/private Create SSL certificate: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/httpd/ssl/private/apache-selfsigned LDER%\mykey.psk"^ TLSCAFILE="c:\temp\f.txt1"^ TLSCRLFILE="c:\temp\f.txt2"^ TLSSERVERCERTISSUER="My CA"^ TLSSERVERCERTSUBJECT="My Cert"^ TLSCERTFILE="c:\temp\f.txt5"^ TLSKEYFILE="c:\temp\f.txt6"^ ENABLEPATH=1^ environment variables /var/lib/zabbix/ssl/certs The volume is used as location of SSL client certificate files for client authentication. It is the SSLCertLocation parameter in zabbix_server.conf

directory for SSL keys: mkdir -p /etc/httpd/ssl/private chmod 700 /etc/httpd/ssl/private Create SSL certificate: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/httpd/ssl/private/apache-selfsigned LDER%\mykey.psk"^ TLSCAFILE="c:\temp\f.txt1"^ TLSCRLFILE="c:\temp\f.txt2"^ TLSSERVERCERTISSUER="My CA"^ TLSSERVERCERTSUBJECT="My Cert"^ TLSCERTFILE="c:\temp\f.txt5"^ TLSKEYFILE="c:\temp\f.txt6"^ ENABLEPATH=1^ environment variables /var/lib/zabbix/ssl/certs The volume is used as location of SSL client certificate files for client authentication. It is the SSLCertLocation parameter in zabbix_server.conf