Severity: important Package: munin-node Version: 2.0.37-2 Dear maintainer,
I've upgraded my Debian Buster system to OpenSSL 1.1.1-1 (and libnet-ssleay-perl 1.85-2). Now it's impossible to use paranoid TLS setup at Munin-Node: > tls paranoid > tls_verify_certificate yes > tls_private_key /etc/ssl/private/example_server.key > tls_certificate /etc/ssl/certs/example_server.crt > tls_ca_certificate /etc/ssl/certs/example_ca.crt > tls_verify_depth 3 Log output: > CONNECT TCP Peer: "[2001:db8::cafe]:45907" Local: "[2001:db8::beef]:4949" > [ERROR] Could not enable TLS: 5147: 1 - error:1417C086:SSL > routines:tls_process_client_certificate:certificate verify failed > ERROR: Could not establish TLS connection. Closing. at > /usr/share/perl5/Munin/Node/Server.pm line 299, <STDIN> line 1. I've used the same setup before without any problems. Same config is still active and working on other Jessie and Stretch systems. However it's running fine in non-paranoid mode: > tls enabled > tls_verify_certificate no > tls_private_key /etc/ssl/private/example_server.key > tls_certificate /etc/ssl/certs/example_server.crt Any ideas what's going wrong? Anything I could check? btw: My Munin-Master is running at Debian Jessie. -- With kind regards, Christian Schrötter
