[x509_cert] add authority to telegraf container

Tuxem · September 2, 2022, 9:17am

Hi,

We have our own authority to generate our certificates.

We use the telegraf:1.23.4 from docker hub.

Our config is :

[[inputs.x509_cert]]
  sources= ["https://vault.mydomain.tld:443"]

Our results are :

[...] verification="invalid",verification_error="x509: certificate signed by unknown authority"}

We tried to add our authority in /usr/local/share/ca-certificates/ and update with /usr/sbin/update-ca-certificates but still unkown authority.

Any idea ?

EDIT :

On docker container :

$ openssl s_client -servername vault.mydomain.tld-connect vault.mydomain.tld:443

Succed with no error validating certificates

Tuxem · September 2, 2022, 3:07pm

My bad ! I just needed to rename .cer to .crt and all work better now !

Topic		Replies	Views
Tls: failed to verify certificate: x509: certificate signed by unknown authority Telegraf telegraf	1	115	October 30, 2024
Using telegraf with plugin http , Error x509: certificate signed by unknown authority Telegraf telegraf , plugin	1	447	October 23, 2023
Speedtest.net not trusted in Telegraf Docker container Telegraf telegraf	7	582	July 6, 2023
Error in X509 certificate checking Telegraf	6	1302	June 9, 2023
Proxies Telegraf via Nginx - certificate signed by unknown authority Telegraf telegraf	4	2717	February 18, 2021