SNMP TLS with SHA256 certificate failed in net-snmp 5.7.3

SNMP TLS with a SHA1 certificate works fine in 5.7.3. I have updated net-snmp to 5.7.3 for SHA256 support, but the snmpd daemon shows an error:

"error finding server identity keys"

Command:

snmpget -v 3 --defSecurityModel=tsm -u joecool -l authPriv -T our_identity=manager -T their_identity=snmpd tlstcp:192.168.1.125:10161 sysContact.0

      

The snmpget command throws the following error:

tlstcp: failed to ssl_connect
snmpget: Unknown host (tlstcp:192.168.1.125:10161)

      

The snmpd daemon throws an error:

TLSTCP: Failed to create a SSL BIO

      

The configuration in snmpd.conf is shown below:

 master agentx
 agentXTimeout 100
 [snmp] localCert 0D:C1:CA:B7:2A:83:5E:43:42:1E:A1:0D:07:2C:97:2B:B5:75:20:2B
 rwcommunity public
 certSecName 10 9A:C9:59:BC:A8:C4:C1:01:4B:6F:0E:57:CB:3E:3E:6E:AD:08:E0:9E --cn
 rwuser -s tsm "joecool"

      

Start snmpd:

 snmpd -f -Lo -C -c /usr/share/snmp/snmpd.conf -Dtsm,dtls,openssl,cert tlstcp:10161 dtlsudp:10161 udp:161

      

Detailed error log is given below:


 Enabling AgentX wizard support.
 cert:util:config: parsing 10 9A:C9:59:BC:A8:C4:C1:01:4B:6F:0E:57:CB:3E:3E:6E:AD:08:E0:9E --cn
 cert:find:params: looks for remote_peer (2) in MULTIPLE (0x200), hint 3196293592
 cert:find:params: looks for remote_peer (2) in FINGERPRINT (0x2), hint 3196293592
 cert:find:params: hint = 9A:C9:59:BC:A8:C4:C1:01:4B:6F:0E:57:CB:3E:3E:6E:AD:08:E0:9E
 cert:find:params: looks for remote_peer (2) in FILE (0x1), hint 3196293592
 cert:find:params: hint = 9A:C9:59:BC:A8:C4:C1:01:4B:6F:0E:57:CB:3E:3E:6E:AD:08:E0:9E
 cert:map:add: pri 10, fp 9ac959bca8c4c1014b6f0e57cb3e3e6ead08e09e
 cert:find:params: find identity (1) at DEFAULT (0x0), hint 0
 cert:find:params: find identity (1) in MULTIPLE (234200) : find: params:find identity (1) in FINGERPRINT (0x2), hint 234144
 cert:find:params: hint = 0D:C1:CA:B7:2A:83:5E:43:42:1E:A1:0D:07:2C:97:2B:B5:75:20:2B
 cert:find:params: find identity (1) in FILE (0x1) hint 234144
 cert:find:params: hint = 0D:C1:CA:B7:2A:83:5E:43:42:1E:A1:0D:07:2C:97:2B:B5:75:20:2B
 look up server credentials
 dtlsudp: netsnmp_dtlsudp_transport(): transports/snmpDTLSUDPDomain.c, 1421:
 An SNMP version other than 3 was requested with (D)TLS; using 3 anyway
 tsm: TSM: Session initiation callback reached
 NET-SNMP version 5.7.3
