Want more timely Centmin Mod News Updates?
Become a Member

Percona monitoring tool - The certificate is not trusted because it is self-signed

Discussion in 'Other Web Apps usage' started by pamamolf, Jan 17, 2018.

  1. pamamolf

    pamamolf Well-Known Member

    3,119
    295
    83
    May 31, 2014
    Ratings:
    +531
    Local Time:
    8:57 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    Hello :)

    I am trying to setup Percona monitoring tool on my tests servers :)

    So i have one server with one domain inside and a remote test server....

    I install agent/client part at my web and at the remote server the server part...

    I open the related ports and all seems to be ok.....

    The server can't connect to the web server to get the stats...

    Using the prometheus tool i can see that it tries to get the stats from:

    linux metrics:
    but when i try manually to check that page i am getting a warning:

    and if i accept it i can see the stats data there.

    But i can't accept that remotely to get the data :(

    I know that Centminmod is using that custom certificate when using the ip but any ideas what i can do for that?

    Thank you
     
  2. wmtech

    wmtech Member

    74
    19
    8
    Jul 22, 2017
    Ratings:
    +45
    Local Time:
    7:57 PM
    # pmm-admin check-network

    is your friend. ;)
     
    • Informative Informative x 1
  3. pamamolf

    pamamolf Well-Known Member

    3,119
    295
    83
    May 31, 2014
    Ratings:
    +531
    Local Time:
    8:57 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    That's how i found the above info :)
     
  4. pamamolf

    pamamolf Well-Known Member

    3,119
    295
    83
    May 31, 2014
    Ratings:
    +531
    Local Time:
    8:57 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    The issue is related to the custom ssl certificate that Centminmod setup and the Percona monitoring tool can't see the stats behind it :(
     
  5. eva2000

    eva2000 Administrator Staff Member

    37,189
    8,123
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,508
    Local Time:
    4:57 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Just setup a letsencrypt trusted ssl cert instead
     
  6. pamamolf

    pamamolf Well-Known Member

    3,119
    295
    83
    May 31, 2014
    Ratings:
    +531
    Local Time:
    8:57 PM
    Nginx-1.13.x
    MariaDB 10.1.x
  7. pamamolf

    pamamolf Well-Known Member

    3,119
    295
    83
    May 31, 2014
    Ratings:
    +531
    Local Time:
    8:57 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    @eva2000

    Any ideas for this?

    Thank you :)
     
  8. eva2000

    eva2000 Administrator Staff Member

    37,189
    8,123
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,508
    Local Time:
    4:57 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  9. pamamolf

    pamamolf Well-Known Member

    3,119
    295
    83
    May 31, 2014
    Ratings:
    +531
    Local Time:
    8:57 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    But the issue is related to the custom Centminmod certificate for the ip and it loos like if it is possible a solution to be either disable it or make it in a way a valid one :)
     
  10. eva2000

    eva2000 Administrator Staff Member

    37,189
    8,123
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,508
    Local Time:
    4:57 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    PMM has options to handle untrusted/self signed ssl certs AFAIK. It's in the manual.
     
    • Informative Informative x 1
..