newrelic / opentelemetry-exporter-go

New Relic's Golang OpenTelemetry Exporter
Apache License 2.0

x509: certificate error when invoking the endpoint - https://trace-api.newrelic.com/trace/v1 #62

Closed rajumkc closed 3 years ago

rajumkc commented 3 years ago

This is in the context of the error - "{"L":"ERROR","T":"2021-02-15T15:19:55.511Z","C":"newrelicexporter/newrelic.go:47","M":"2021/02/15 15:19:55.511708 {\"err\":\"error posting data: Post \\"https://trace-api.newrelic.com/trace/v1\\": x509: certificate signed by unknown authority\"} ".

The Trace API call is failing due to the certificate error. Log file attached for review.

Question: How to configure the Trust store path, to support NR exporter, for a successful POST to the TraceAPI endpoint (https://trace-api.newrelic.com/trace/v1)?

Miriam-R commented 3 years ago

Next steps: Look at Telemetry SDK & see if trust store path or certificate bundle are configurable.

RichVanderwal commented 3 years ago

Hi @rajumkc, our apologies for the late reply! Our OpenTelemetry Exporter for Go uses the New Relic Telemetry SDK for Go, which has no specific TLS configuration options.

However, most systems work fine, since Go's http package uses the host system's certificates and all works fine.

We know that Alpine Linux doesn't have these certificates installed by default, but they can be quickly installed with a quick apk update && apk add ca-certificates command.

It might also be the case that your system has a custom certificate chain. In that case, a solution could be found by forking the New Relic Telemetry SDK for Go repo and setting custom TLS configuration for the http.Client's transport.
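
The custom-chain case from the last comment, as an added example that is not code from the exporter, the Telemetry SDK, or anyone in this thread: an `http.Client` whose transport trusts the host CA bundle plus an extra PEM certificate, without disabling verification. `NewClientWithExtraCAs` and `Demo` are hypothetical names, the local `httptest` server is a constructed stand-in for an endpoint behind a private chain, and wiring the client into the SDK is not shown.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"net/http"
	"net/http/httptest"
	"time"
)

// NewClientWithExtraCAs (hypothetical helper) trusts the host CA bundle plus extraPEM.
func NewClientWithExtraCAs(extraPEM []byte) (*http.Client, error) {
	pool, err := x509.SystemCertPool()
	if err != nil || pool == nil {
		pool = x509.NewCertPool() // no system bundle, e.g. a bare Alpine image
	}
	if !pool.AppendCertsFromPEM(extraPEM) {
		return nil, fmt.Errorf("extraPEM holds no parsable CERTIFICATE block")
	}
	cfg := &tls.Config{RootCAs: pool, MinVersion: tls.VersionTLS12}
	return &http.Client{Transport: &http.Transport{TLSClientConfig: cfg}, Timeout: 10 * time.Second}, nil
}

// Demo serves TLS locally with a certificate outside the system trust store and
// returns the default client's error and the extended-pool client's status.
func Demo() (before error, status int, err error) {
	srv := httptest.NewTLSServer(http.HandlerFunc(func(http.ResponseWriter, *http.Request) {}))
	defer srv.Close()
	plain := &http.Client{Transport: &http.Transport{}}
	if resp, e := plain.Get(srv.URL); e != nil {
		before = e // x509: certificate signed by unknown authority
	} else {
		resp.Body.Close()
	}
	ca := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: srv.Certificate().Raw})
	client, err := NewClientWithExtraCAs(ca)
	if err != nil {
		return before, 0, err
	}
	resp, err := client.Get(srv.URL)
	if err != nil {
		return before, 0, err
	}
	defer resp.Body.Close()
	return before, resp.StatusCode, nil
}

func main() { fmt.Println(Demo()) }
```

Appending to the system pool keeps public CAs trusted, so the same client still verifies publicly signed endpoints.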