treydock
commented
3 years ago @anerdatwork I believe I've resolved this with #20. Previously there was no effort by this exporter to attempt SSL transport setup when making requests to the proxy URL. If you update the system CA bundle you can leave off the new root_ca option, since the default behavior will now be to try and load the system trust store and setup SSL transport if the proxy_url address uses HTTPS. I don't have my proxy setup for SSL so I can't test on a live system but there were some basic unit tests added to validate.
I released v1.3.0-rc.0 that contains this change, let me know if it works for you and I'll release as v1.3.0.
having issues with certificates authority not being recorgnized by the exporter, collector is just using http.Get which should leverage existing local ca bundle in the contianer @ /etc/ssl/certs/ca-certificates.crt , so I went ahead and appended our local CA to it and am still getting errors. Not sure if this is a defect or if another trust store has been defined. (attached to local volume with cert bundle to make persistent)
non https traffic is not an option for us unfortunately :(