zorka icon indicating copy to clipboard operation
zorka copied to clipboard

Published 20 hours ago verified publisher icon jitlogic

TLS support

Open mabrarov opened this issue 7 years ago • 2 comments
trafficstars

Not an issue but feature request: It would be very helpful if Zorka could support TLS - both certificate based TLS and TLS PSK, in both passive and active modes. This would make Zorka complete equivalent to Zabbix Java gateway in terms of supported features.

mabrarov avatar Mar 23 '18 19:03 mabrarov

I still remember about this :) I have to backport some TLS library that does not interfere with built in JVM cryptography/SSL/TLS implementation, possibly BouncyCastle.

jitlogic avatar Oct 20 '18 12:10 jitlogic

does not interfere with built in JVM cryptography/SSL/TLS implementation

That's the reason I started thinking that native JVM agent (bridge to JMX with Zabbix Agent interface implemented as native JVM agent) could be a better choice:

  1. no need to care about interfering with Java libraries (standard or 3rd-party), additionally this fact gives freedom in terms of available solutions for cryptography (though there is a chance that static linking will be required)
  2. doesn't use JVM heap so won't be (much) impacted by high memory consumption of Java application (at least is able to report about that before JMX will be down)
  3. doesn't impact GC ("C++ doesn't produce garbage" joke), i.e. smaller footprint for the monitored Java application

I know (have some experience with) Dyntrace uses (provides) native JVM agent for monitoring of Java applications.

mabrarov avatar Oct 20 '18 14:10 mabrarov