Skip to content

Add insecure ssl support to connect to kapacitor#2140

Merged
nhaugo merged 1 commit into
masterfrom
feature/kapa-insecure
Oct 26, 2017
Merged

Add insecure ssl support to connect to kapacitor#2140
nhaugo merged 1 commit into
masterfrom
feature/kapa-insecure

Conversation

@goller

@goller goller commented Oct 20, 2017

Copy link
Copy Markdown
Contributor
  • CHANGELOG.md updated with a link to the PR (not the Issue)
  • Rebased/mergable
  • Tests pass
  • Sign CLA (if not already signed)

Connect #2139

The problem

No support for insecure, self-signed certificates for https connections to kaapcitor

The Solution

Added insecureSkipVerify to the kapacitor REST interface

@goller goller mentioned this pull request Oct 20, 2017
@nhaugo nhaugo merged commit a1ea2c0 into master Oct 26, 2017
@nhaugo nhaugo deleted the feature/kapa-insecure branch October 26, 2017 14:40
@binary0111

binary0111 commented Nov 24, 2017

Copy link
Copy Markdown

Something still seems broken, whether I add Kapacitor from the cmdline using --new-sources or manually POST to chronograf.

# chronograf -v
2017/11/24 04:39:30 Chronograf 1.2.0~n201711230837 (git: 944030d0f17fa50d7d7d6dd58dc8f526c1895bba)
# curl -X POST -H "Content-Type: application/json" -d '{"name":"kapa_test", "url":"https://localhost:9092", "insecureSkipVerify":true, "active":true}' http://localhost:8888/chronograf/v1/sources/1/kapacitors
{"id":"2","name":"kapa_test","url":"https://localhost:9092","insecureSkipVerify":true,"active":true,"links":{"proxy":"/chronograf/v1/sources/1/kapacitors/2/proxy","self":"/chronograf/v1/sources/1/kapacitors/2","rules":"/chronograf/v1/sources/1/kapacitors/2/rules","tasks":"/chronograf/v1/sources/1/kapacitors/2/proxy?path=/kapacitor/v1/tasks","ping":"/chronograf/v1/sources/1/kapacitors/2/proxy?path=/kapacitor/v1/ping"}}

In chronograf's log:

2017/11/24 04:29:52 http: proxy error: x509: certificate is valid for test_box, not localhost
2017/11/24 04:30:34 http: proxy error: x509: certificate is valid for test_box, not localhost

In Kapacitor's log:

log messages must have 'L!' prefix where L is one of 'D', 'I', 'W', 'E'[log] 2017/11/24 04:29:52 http: TLS handshake error from 127.0.0.1:36122: remote error: tls: bad certificate
log messages must have 'L!' prefix where L is one of 'D', 'I', 'W', 'E'[log] 2017/11/24 04:30:34 http: TLS handshake error from 127.0.0.1:36154: remote error: tls: bad certificate

@binary0111

Copy link
Copy Markdown

@goller any hints here? :)

@goller

goller commented Dec 27, 2017 via email

Copy link
Copy Markdown
Contributor Author

@binary0111

Copy link
Copy Markdown

@goller there is already an open issue #2139 for this.

From you earlier comment on #1653 :

I've added the tracking issue for kapacitor insecure ssl here: #2139
I've added support in the chronograf REST server here: #2140

Do you want me to open a separate issue or will #2139 suffice?

@goller

goller commented Jan 9, 2018

Copy link
Copy Markdown
Contributor Author

Ah yes, thank you @binary0111 !

I've just added PR #2689 to fix this.

@binary0111

Copy link
Copy Markdown

Thanks @goller! Much Appreciated :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants