Join the community today
Become a Member

Percona monitoring tool - The certificate is not trusted because it is self-signed

Discussion in 'Other Web Apps usage' started by pamamolf, Jan 17, 2018.

  1. pamamolf

    pamamolf Well-Known Member

    2,981
    278
    83
    May 31, 2014
    Ratings:
    +490
    Local Time:
    7:08 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    Hello :)

    I am trying to setup Percona monitoring tool on my tests servers :)

    So i have one server with one domain inside and a remote test server....

    I install agent/client part at my web and at the remote server the server part...

    I open the related ports and all seems to be ok.....

    The server can't connect to the web server to get the stats...

    Using the prometheus tool i can see that it tries to get the stats from:

    linux metrics:
    but when i try manually to check that page i am getting a warning:

    and if i accept it i can see the stats data there.

    But i can't accept that remotely to get the data :(

    I know that Centminmod is using that custom certificate when using the ip but any ideas what i can do for that?

    Thank you
     
  2. wmtech

    wmtech New Member

    26
    12
    3
    Jul 22, 2017
    Ratings:
    +20
    Local Time:
    6:08 PM
    # pmm-admin check-network

    is your friend. ;)
     
    • Informative Informative x 1
  3. pamamolf

    pamamolf Well-Known Member

    2,981
    278
    83
    May 31, 2014
    Ratings:
    +490
    Local Time:
    7:08 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    That's how i found the above info :)
     
  4. pamamolf

    pamamolf Well-Known Member

    2,981
    278
    83
    May 31, 2014
    Ratings:
    +490
    Local Time:
    7:08 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    The issue is related to the custom ssl certificate that Centminmod setup and the Percona monitoring tool can't see the stats behind it :(
     
  5. eva2000

    eva2000 Administrator Staff Member

    32,303
    7,172
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,906
    Local Time:
    3:08 AM
    Nginx 1.13.x
    MariaDB 5.5
    Just setup a letsencrypt trusted ssl cert instead
     
  6. pamamolf

    pamamolf Well-Known Member

    2,981
    278
    83
    May 31, 2014
    Ratings:
    +490
    Local Time:
    7:08 PM
    Nginx-1.13.x
    MariaDB 10.1.x
  7. pamamolf

    pamamolf Well-Known Member

    2,981
    278
    83
    May 31, 2014
    Ratings:
    +490
    Local Time:
    7:08 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    @eva2000

    Any ideas for this?

    Thank you :)
     
  8. eva2000

    eva2000 Administrator Staff Member

    32,303
    7,172
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,906
    Local Time:
    3:08 AM
    Nginx 1.13.x
    MariaDB 5.5
  9. pamamolf

    pamamolf Well-Known Member

    2,981
    278
    83
    May 31, 2014
    Ratings:
    +490
    Local Time:
    7:08 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    But the issue is related to the custom Centminmod certificate for the ip and it loos like if it is possible a solution to be either disable it or make it in a way a valid one :)
     
  10. eva2000

    eva2000 Administrator Staff Member

    32,303
    7,172
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,906
    Local Time:
    3:08 AM
    Nginx 1.13.x
    MariaDB 5.5
    PMM has options to handle untrusted/self signed ssl certs AFAIK. It's in the manual.
     
    • Informative Informative x 1