Moogsoft Docs

Configuring SSL in Zabbix

To enable SSL communication in Zabbix, proceed as follows:

  1. Create a directory and navigate to it using the following command:

    mkdir /etc/ssl/webserver && cd /etc/ssl/webserver
  2. Generate a self-signed certificate:

    openssl req -new -x509 -days 1825 -sha256 -nodes -out ./server.crt \ -keyout ./server.key
  3. Make the private key readable by the root user only:

    chmod 0600 ./server.key
  4. Open the file ssl.conf file present in the httpd directory of apache. Enter the IP address of the server with the SSL port i.e. 443 in the ServerName field  and enter the path of the certificate and key file generated above, as shown below:

    ServerName <IP Address>:443
    SSLCertificateFile    /etc/ssl/webserver/server.crt 
    SSLCertificateKeyFile /etc/ssl/webserver/server.key


    The ssl.conf file can be found at the location /etc/httpd/conf.d. This path can change depending where the apache is installed on the machine

  5. Create a keystore.jks file using the above-created server.crt

    keytool -genkey -alias mydomain -keyalg RSA -keystore KeyStore.jks -keysize 2048
    keytool -import -alias foo -file server.crt -keystore KeyStore.jks

The SSL is configured in Zabbix Server. Copy the Keystore.jks file to the machine where the LAM is running.