Configuring TLS in net-snmp v5.6.1.1

Tue, 03 Dec 2013 08:49:02 -0800 

I am running net-snmp as an embedded application under CentOS.  I am using
v5.6.1.1 instead of v5.7.x because I was unable to bring up v5.7.x as an
embedded app.

I am having difficulty configuring net-snmp v5.6.1.1 for TLS.  I have
verified from the config.log that configure is being invoked with  the
“--with-security-modules=tsm --with-transports=DTLSUDP,TLSTCP” options per
the instructions at http://www.net-snmp.org/wiki/index.php/Using_DTLS.
My snmpd.conf contains



agentaddress udp:161

agentaddress udp6:161

agentaddress dtlsudp:10161

agentaddress tlstcp:10161

[snmp] serverCert /var/HSE/idevid_cert.pem

[snmp] defX509ServerPub /var/HSE/idevid_cert.pem

[snmp] defX509ServerPriv /var/HSE/idevid_key_pair.key

[snmp] clientCert /var/HSE/allPubCerts.crt

[snmp] defX509ClientPub /var/HSE/allPubCerts.crt

[snmpd]

setserialno 1681692777

engineBoots 1

oldEngineID 0x80001f888067458b6b9da39c52

createUser xyz SHA -l 0xe8479ddd8eb5831281d1321ae86cc8946a95d6b8 AES -l
0xe8479ddd8eb5831281d1321ae86cc894



But when I execvp snmpd I get the following output on stderr



/tmp/snmpd.conf: line 35: Warning: Unknown token: serverCert.

/tmp/snmpd.conf: line 36: Warning: Unknown token: defX509ServerPub.

/tmp/snmpd.conf: line 37: Warning: Unknown token: defX509ServerPriv.

/tmp/snmpd.conf: line 38: Warning: Unknown token: clientCert.

/tmp/snmpd.conf: line 39: Warning: Unknown token: defX509ClientPub.

getaddrinfo: dtlsudp Name or service not known

getaddrinfo("dtlsudp", NULL, ...): Name or service not known

Error opening specified endpoint "dtlsudp:10161"



I have also tried removing the tlstcp:10161 and dtlsudp:10161 from the
snmpd.conf and added it to the argument list in the execvp as tlstcp:10161
and dtlsudp:10161 but I get the same stderr output.



Are the instructions on the current web pages specific to net-snmp v5.7.x?
If so, what needs to be done to bring up tls support in 5.6.1.1?


Thank you for your consideration

------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most IT 
organizations don't have a clear picture of how application performance 
affects their revenue. With AppDynamics, you get 100% visibility into your 
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

Reply via email to