Open SH30G0RATH opened 2 days ago
Hi,
we believe the problem is the go library that telegraf uses to perform the request doesn’t support an endpoint that uses a certificate with an extended key usage attribute.
We are using Go's standard library with net/http.Request
and then the crypto/tls
to parse and setup TLS. You need to identify what field in your certificate is causing the issue, that way you can also go file an upstream issue to get this resolved.
Looking upstream I do see some issues referencing extended key usage:
Is it possible you are setting a directory name like the first issue?
As a workaround if you set insecure_skip_verify = true
does that bypass checking this?
In any case, this really needs to be solved upstream and not here.
Relevant telegraf.conf
Logs from Telegraf
System info
Telegraf 1.30.1 - Rocky 9.3 - Docker version 26.0.1, build d260a54
Docker
No response
Steps to reproduce
Expected behavior
expected behaviour is that the checks via inputs.http_response would provide the same response code as when using curl = "200 OK"
Actual behavior
actual behavior is a result_code=3i,result_type="connection_failed"
however there is no problem with the site.
Telegraf documentation suggests that a result_code=3 is a networking failure outside of telegraf, but I can use curl from the same server to show otherwise.
Additional info
we believe the problem is the go library that telegraf uses to perform the request doesn’t support an endpoint that uses a certificate with an extended key usage attribute.