Public bug reported: Certificate allowed_uses are not indexed by net-snmp. As a result, the trustCert option works the first time snmpd is started, but fails thereafter.
In addition, there is no support for intermediate certificates (they are ignored) and as a result no possibility to use net-snmp with Let's Encrypt. Steps to Reproduce: 1. Configure net-snmp for DTLS using localCert and trustCert. 2. Load net-snmp once with empty index. 3. Reload net-snmp. Actual results: trustCert is no longer recognised, as the "CA" flag is unindexed and missing. Expected results: trustCert works properly. Additional info: Patches to update net-snmp to fix this index issue, as well as to properly support CA certificates are available here: https://github.com/net-snmp/net-snmp/issues/255 https://github.com/net-snmp/net-snmp/issues/248 https://github.com/net-snmp/net-snmp/issues/242 https://github.com/net-snmp/net-snmp/issues/241 https://github.com/net-snmp/net-snmp/issues/245 ** Affects: nagios-plugins (Ubuntu) Importance: Undecided Status: New ** Tags: patch ** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1912390 Title: [Patch] TLS/DTLS: inconsistent allowed_uses behaviour when in debug mode / not in debug mode To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nagios-plugins/+bug/1912390/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs