Heartbeat: Ignore SSL errors

Input

heartbeat.monitors
  - type: 'http'
    schedule: '@every60s'
    urls:
      - https://someurl.com:443/path/
    timeout: 20
    status: 200

Now, when the certifcate cannot be validated, I get an error:

Output

error.type: io
error.message: Get https://someurl.com:443/path/: x509 cannot validate certificate for 123.456.78.9 because it doesnt contain any IP SANs

As a consequence, up is false, even though the server is up.

Suggestion

Introduce some flag, maybe ssl_ignore that ignores all these certificate errors.

Try adding ssl.verification_mode: none to the monitor configuration. It should support the same options as listed in the ssl docs.

1 Like

There's also an open enhancement request to allow monitoring the server's certificate chain.

For some reason i didnt notice this in the docs.
The chain enhancement is also very nice.
Thanks!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.