scrape insecure not working

Question

scrape insecure not working

strowi opened this issue 7 years ago · 5 comments

Hi,

nice work! But i got a little error, it seems the ssl-certificate of the scrape-target is checked anyway..?

/usr/local/bin/prometheus_nginx_exporter -insecure -nginx.scrape_uri https://localhost/nginx_status_vts
2017/10/27 11:35:22 Starting nginx_vts_exporter (version=0.6, branch=HEAD, revision=e48bd6899d8864b11b9f71f852b049ec3ad2ae26)
2017/10/27 11:35:22 Build context (go=go1.8.3, user=root@3b0fc1d0acb6, date=20170808-07:09:08)
2017/10/27 11:35:22 Starting Server at : :9913
2017/10/27 11:35:22 Metrics endpoint: /metrics
2017/10/27 11:35:22 Metrics namespace: nginx
2017/10/27 11:35:22 Scraping information from : https://localhost/nginx_status_vts
2017/10/27 11:35:23 fetchHTTP failed Get https://localhost/nginx_status_vts: x509: certificate is valid for *.xyz.de, not localhost

Answer 1 · 2017-11-09T18:21:44.000Z

Accessing localhost over HTTPS doesn't make a ton of sense. I would access it over HTTP by running prometheus_nginx_exporter -insecure -nginx.scrape_uri http://localhost/nginx_status_vts.

Accessing a localhost endpoint never leaves the host, so you don't need to worry about unencrypted network traffic. If you're concerned about exposing an unencrypted endpoint on the nginx host, just make sure that the VTS module stats is only listening on localhost.

Answer 2 · 2017-11-11T09:12:45.000Z

Of course you are correct, scraping localhost via ssl doesn't make much sense. I just assumed the error would be the same as scraping some self-signed ssl endpoint.

Answer 3 · 2017-11-13T06:24:36.000Z

Maybe we could consider using -k like curl to do insecure https request?

Answer 4 · 2017-11-15T22:54:16.000Z

yes, i thought thats what the -insecure was for... isn't it?

Answer 5 · 2018-02-25T04:05:12.000Z

support -insecure now, please check the latest release.