mozilla-services / heka

DEPRECATED: Data collection and processing made easy.
http://hekad.readthedocs.org/

Can't get HTTP + TLS to work #1875

Closed dmuth closed 8 years ago

dmuth commented 8 years ago

Good afternoon,

I've been having an interesting time trying to get TLS to work under HTTP.

So, this works just fine:

    [HttpListenInput]
    address = "0.0.0.0:8325"

If I add tls = true, I get the expected error:

    2016/03/04 19:49:50 Type mismatch for 'http.HttpListenInputConfig.Tls': Type mismatch for tcp.TlsConfig. Expected map but found 'bool'.

When I try to add TLS configuration for HttpListenInput, based on what I saw at http://hekad.readthedocs.org/en/v0.10.0/tls.html#tls :

    [HttpListenInput.tls]
    cert_file = "/usr/share/heka/tls/cert.pem"
    key_file = "/usr/share/heka/tls/cert.key"
    client_auth = "RequireAndVerifyClientCert"
    prefer_server_ciphers = true
    min_version = "TLS11"

Based on what I read, this configuration seems sensible. Trying to run hekad, I'd expect at least an error about how the cert and key files don't exist. But instead I get this:

    2016/03/04 19:53:46 Error reading config: Error decoding config file: Near line 50, key 'HttpListenInput': Key 'HttpListenInput.tls' has already been defined.

I'm a little confused by that error. I tried removing each configuration item one by one until I was left with just the stanza, and this error persists. I also tried un-indenting the HttpListenInput.tls stanza and got the same error.

Is this a bug, or am I doing something wrong?

Thanks for your time,

-- Doug

rafrombrc commented 8 years ago

In the future, please direct support requests to the #heka channel on irc.mozilla.org or the mailing list.

In this case, you're probably using both tls = true and [HttpListenInput.tls] in your config, so it's complaining (correctly) that you're using tls twice. The correct setting is use_tls = true.

dmuth commented 8 years ago

Oh, do I feel stupid! This is my first time using Heka and I can't believe I made that typo. Thanks for catching it. :-)
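
The collision described in the reply above, as an added example that is not part of the original thread and is not Heka code: a small pre-flight check that flags a `tls` key sharing a name with a `[Section.tls]` table, and a TLS table whose parent section never sets `use_tls`. The function name `lint_tls` and the sample strings are constructed for illustration, and the line scanner is a simplification, not a full TOML parser.

```python
import re

# Constructed sample: the config from the report plus the stray `tls = true`
# that the reply identifies as the cause of the "already been defined" error.
BROKEN = '''
[HttpListenInput]
address = "0.0.0.0:8325"
tls = true

    [HttpListenInput.tls]
    cert_file = "/usr/share/heka/tls/cert.pem"
    key_file = "/usr/share/heka/tls/cert.key"
'''
# Same configuration using the setting named in the reply.
FIXED = BROKEN.replace("\ntls = true", "\nuse_tls = true")

HEADER = re.compile(r'^\[([^\[\]]+)\]$')
KEY = re.compile(r'^([A-Za-z0-9_-]+)\s*=')

def lint_tls(text):
    """Return (line, message) findings for colliding or inactive TLS sections."""
    keys = {}      # section name -> keys assigned directly inside it
    tables = []    # (line number, section name) for every [header]
    section = None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split('#', 1)[0].strip()  # assumption: no '#' inside values
        m = HEADER.match(line)
        if m:
            section = m.group(1).strip()
            keys.setdefault(section, set())
            tables.append((lineno, section))
            continue
        m = KEY.match(line)
        if m and section is not None:
            keys[section].add(m.group(1))
    findings = []
    for lineno, name in tables:
        parent, _, leaf = name.rpartition('.')
        if leaf == 'tls' and parent:
            own = keys.get(parent, set())
            if 'tls' in own:  # scalar key and sub-table compete for one name
                findings.append((lineno, f"'{name}' is already defined as a key in [{parent}]"))
            if 'use_tls' not in own:  # TLS table present but never switched on
                findings.append((lineno, f"[{name}] is present but [{parent}] does not set use_tls"))
    return findings

if __name__ == "__main__":
    print(lint_tls(BROKEN), lint_tls(FIXED))
```
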