SuperQ
commented
2 months ago That is no longer a supported cipher due to insecurity.
It appears you are just listing all ciphers, it would be easier if you simply removed all of them from your configuration.
Host operating system: centos9 arm64
blackbox_exporter version: v0.25.0
What is the prometheus.yml scrape config.
web-config.yml
tls_server_config: cert_file: /etc/prometheus/certs/server.crt key_file: /etc/prometheus/certs/server.key cipher_suites:
http_server_config: http2: false headers: Content-Security-Policy: "default-src 'self' 'unsafe-inline'; img-src 'self' data:;" X-Frame-Options: "sameorigin" X-Content-Type-Options: "nosniff" X-XSS-Protection: "1; mode=block" Strict-Transport-Security: "max-age=31536000; includeSubDomains; preload"
Error:
ts=2024-04-15T06:12:05.533Z caller=main.go:87 level=info msg="Starting blackbox_exporter" version="(version=0.25.0, branch=HEAD, revision=ef3ff4fef195333fb8ee0039fb487b2f5007908f)" ts=2024-04-15T06:12:05.533Z caller=main.go:88 level=info build_context="(go=go1.22.2, platform=linux/arm64, user=root@9b6755681f2e, date=20240409-12:52:48, tags=unknown)" ts=2024-04-15T06:12:05.534Z caller=main.go:100 level=info msg="Loaded config file" ts=2024-04-15T06:12:05.534Z caller=tls_config.go:313 level=info msg="Listening on" address=[::]:9115 ts=2024-04-15T06:12:05.534Z caller=main.go:274 level=error msg="Error starting HTTP server" err="unknown cipher: TLS_RSA_WITH_AES_128_CBC_SHA"