I encountered two problems with snmpd when trying to force TLS
connections. First a documentation issue. The man 5 snmpd.conf
states relay options would be:
| relay [backup [mx]] [as address] [source address] [hostname name]
| [hostnames names] [pki pkiname] [tls | verify]
[..]
| Note that the tls and verify options are mutually
| exclusive
In fact, "verify" does not work in 5.5, but one needs to add
"tls verify" to the "relay" (not "relay via") statement.
I.e. the manpage should indeed show "[tls [verify]]".
The second issue is with "listen on". The options "tls-require"
and "secure" seem to be ignored there. Any suggestions?
Cheers
David
--
David Dahlberg
Fraunhofer FKIE, Dept. Communication Systems (KOM) | Tel: +49-228-9435-845
Fraunhoferstr. 20, 53343 Wachtberg, Germany | Fax: +49-228-856277
