Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Please support custom CAs for http prober #41

Closed
FauxFaux opened this issue May 31, 2016 · 4 comments
Closed

Please support custom CAs for http prober #41

FauxFaux opened this issue May 31, 2016 · 4 comments

Comments

@FauxFaux
Copy link

The tcp prober supports specifying a custom certificate authority store, but the http one does not.
@brian-brazil
Copy link
Contributor

Would you like to send a PR adding a TLSConfig to the http module?

@lausser
Copy link
Contributor

lausser commented Aug 19, 2016
edited

Hi,
i just played around a bit. Before sending a pull-request, what's better in your opinion?

  1. new option for the http prober
modules:
  http_2xx:
    prober: http
    timeout: 5s
    http:
      valid_status_codes: [] # Defaults to 2xx
      .....
      tls_config:
        insecure_skip_verify: true
  1. using the tcp prober to tell the module how to handle insecure CAs
modules:
  http_2xx:
    prober: http
    timeout: 5s
    http:
      valid_status_codes: [] # Defaults to 2xx
      ...
      no_follow_redirects: false
    tcp:
      tls: true
      tls_config:
        insecure_skip_verify: true

Gerhard

@brian-brazil
Copy link
Contributor

Definitely the former. Probers shouldn't depend on each other.

@lausser lausser mentioned this issue Aug 20, 2016
Merged
@EvertMDC EvertMDC mentioned this issue Nov 4, 2016
Closed
@javefang
Copy link

Looks like this is supported already. This is not documented in this repository, but I noticed you can set "ca_file" under the "tls_config".

e.g.

modules:
  http_2xx:
    probe: http
    timeout: 5s
    http:
      method: GET
      tls_config:
        ca_file: <path_to_custom_ca.pem>

@izenk izenk mentioned this issue Sep 29, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@lausser @FauxFaux @javefang @brian-brazil