Open downright-ux opened 2 years ago
@downright-ux did you ever solve this? I have got the exact same issue.
My hosting provider did some migration and appears to have changed my Certificate Authority. Both wget
and curl
to my website was suddenly failing due to certificate errors. I solved that by manually downloading the CA certificate and updating certificates (sudo dpkg-reconfigure ca-certificates
) on Ubuntu.
Blackbox probes started failing at the same time and I assume it's the same problem. I tried to specify the certificate file using tls_config
and ca_file
as you have done in your config above. But it makes no difference, still getting 403 forbidden errors with or without the tls_config.
I also tried adding insecure_skip_verify: true
but no difference.
Try to place your custom CA certs in this location (excerpt from helm chart values)
extraSecretMounts:
- name: custom-ca
mountPath: /etc/ssl/certs/Custom-Issuing-CA.pem
subPath: "Custom-Issuing-CA.pem"
secretName: custom-ca
readOnly: true
defaultMode: 420
I 'm trying to configure blackbox to work with our custom CA . I see issue in the logs .
My configuration for blackbox.yaml
services: blackbox-exporter: container_name: blackbox-exporter image: bitnami/blackbox-exporter network_mode: host restart: always ports:
/data/monitoring/blackbox/blackbox.yaml:/opt/bitnami/blackbox-exporter/blackbox.yml
alertmanager: image: prom/alertmanager container_name: alertmanager ports:
./alertmanager/:/etc/alertmanager/ network_mode: host restart: always