PSK requires Stunnel version 5.09 or higher. For an example of setting up authentication using PSK, see https://www.stunnel.org/auth.html. Note that the minimum PSK key length is 20 chars. Use the following steps to enable PSK for Agents.
Change PSK key file owner and group to ‘uptimeagent’, for example:
chown uptimeagent /opt/uptime-agent/conf/psk.txt chgrp uptimeagent /opt/uptime-agent/conf/psk.txt
The following is an example of Stunnel configuration for the PSK support:
exec = /opt/uptime-agent/bin/uptimeagent options = NO_SSLv2 options = NO_SSLv3 options = NO_TLSv1 options = NO_TLSv1.1 ciphers=PSK PSKsecrets=/opt/uptime-agent/conf/psk.txt PSKidentity=test1 Content of /opt/uptime-agent/conf/psk.txt: test1:qqtest11qqtest11qqtest11
- Enable the option test
Example of Stunnel configuration for the PSK support:
2. Enable option ‘Use TLS-PSK’ or corresponding options in Global Credentials Settings when adding Agents in
Monitoring Station.