Our hosting provider runs haproxy for us and we have access to the stats interface. We have been using a custom script to extract stats, but since metricbeat has a haproxy module, it would be nice to use that instead.
The stats backend is available over HTTPS with authentication and a self-signed certificate. I have no control over that. I found the various options I should use to configure that, and even appended the trailing slash on the URL so that the port number does not get ";csv" appended, but I cannot get it to work.
It looks as if the ssl.verification_mode: none is ignored, as the error I get when testing the config is: x509: cannot validate certificate for 10.5.101.1 because it doesn't contain any IP SANs
Config:
- module: haproxy
metricsets: ["stat"]
hosts: ["https://10.5.101.1:7500/"]
ssl.verification_mode: 'none'
username: 'user'
password: 'pass'
period: 10s
enabled: true
Output:
haproxy...
stat...
error... ERROR failed fetching haproxy stat: couldn't connect: Get https://user:pass@10.5.101.1:7500/;csv: x509: cannot validate certificate for 10.5.101.1 because it doesn't contain any IP SANs
To the best of my understanding, it should not be trying to validate the cert at all! This is metricbeat 6.8.4 running in a docker container. The other modules I have enabled work fine (but don't get their data off a HTTPS url)