should have an option to verify SSL CA for Icinga API

[lesinigo]

Expected Behavior

IcingaBeat should allow me to verify Icinga2 API SSL certificate against a specific CA (or list thereof).

Current Behavior

I cannot specify a [list of] CA and IcingaBeat complains:

2017-08-03T14:48:41+02:00 ERR Error connecting to API: Get https://foo.bar.baz:5665/v1/status: x509: certificate signed by unknown authority

Possible Solution

Have a config parameter to specify a CA, just like ssl.certificate_authorities in the beat output.* sections.

Steps to Reproduce (for bugs)

1. install IcingaBeat and let it talk to Icinga2 API
2. it doesn't

Ugly workaround

icingabeat:
  # Skip SSL verification
  skip_ssl_verify: true

Your Environment

• Beat version: icingabeat version 5.3.2 (amd64), libbeat 5.3.2 (installed from the deb file released on GitHub)
• Icinga 2 version: icinga2 - The Icinga 2 network monitoring daemon (version: r2.6.3-1) (installed from packages.icinga.com)
• Operating System and version: Ubuntu 16.04 fully updated

[bobapple]

fixed in https://github.com/Icinga/icingabeat/commit/9011a0f8ebc1d9d5bd911964c65f976fadb300ec