Since version 2.0, SNMP4J and SNMP4J-Agent support TLS. This How-To describes how those SNMP4J APIs are configured to use TLS.
How to configure SNMP4J to use TLS?
The following steps prepare the SNMP4J API for TLS usage:
- The SNMP TLS Transport Model (TLSTM) uses certificate based authentication, thus we need to configure a trust store for client authentication (SNMP command generator) and a key store (SNMP command responder):
-Djavax.net.ssl.trustStore=<trustStoreFilePath> -Djavax.net.ssl.trustStorePassword=<trustStorePassword> -Djavax.net.ssl.keyStore=<keyStoreFilePath> -Djavax.net.ssl.keyStorePassword=<keyStorePassword>
- The TLSTM TransportMapping may be used with TlsAddress classes only:
// create the TLS transport mapping: AbstractTransportMapping transport = new TLSTM(); MessageDispatcher md = new MessageDispatcherImpl(); // we need MPv3 for TLSTM: md.addMessageProcessingModel(new MPv3()); Snmp snmp = new Snmp(md, transport); // create and initialize the TransportSecurityModel TSM: SecurityModels.getInstance().addSecurityModel(new TSM(new OctetString(mpv3.getLocalEngineID()), false)); // do not forget to listen for responses: snmp.listen();