How to skip tls verification when getting config file over https

Hi all,
how can skip tls verification when retrieving config file from a server when certificate is self signed or provided by Let’s encrypt?
I got an error similar to the following :
error loading config file https://serverName:8086/api/v2/telegrafs/0aecdc4770aef000: retry 0 of 3 failed connecting to HTTP config server: Get “https://serverName:8086/api/v2/telegrafs/0aecdc4770aef000”: tls: failed to verify certificate: x509: certificate signed by unknown authority

I didn’t find any infos about this case.



I do not believe we have an ignore or disable TLS or cert verification for remote config files. I think there is good reason to not allow this given the sensitive nature of them at times.

However, if you have the cert, then I would suggest adding it to your system cert pool and I believe Telegraf will look there for it.

I’ve solved adding Let’s encrypt intermediate certificate (Chain of Trust - Let's Encrypt) to my ubuntu cert pool:

apt-get install ca-certificates ca-certificates-java -y
wget -O /usr/local/share/ca-certificates/lets-encrypt-r3.crt
update-ca-certificates --fresh

1 Like