Configure for Not Secure SSL site

Owned by Iryna Ihnatiuk
Sept 07, 2021
2 min read

Suppose, you connect to a Jira, Confluence, Bitbucket or Bamboo instance with an insecure ssl certificate and you have the following config file:

global:
  scrape_interval:     15s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
  evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
  # scrape_timeout is set to the global default (10s).



# A scrape configuration containing exactly one endpoint to scrape:
scrape_configs:
  - job_name: 'jira'
    scheme: https #change to http if don't you have https
    metrics_path: '/plugins/servlet/prometheus/metrics'
    static_configs:
    - targets: ['yourinstance.com']

In this case if you run Prometheus and choose the System → Targets menu you will see the following message:

As you can see the error is:

 x509: certificate has expired or is not yet valid

We need to tell Prometheus not to check the ssl certificate and we can do it with the following  parameters:

tls_config:
      insecure_skip_verify: true

And your final config file would look like this:

# my global config
global:
  scrape_interval:     15s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
  evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
  # scrape_timeout is set to the global default (10s).



# A scrape configuration containing exactly one endpoint to scrape:
scrape_configs:
  - job_name: 'bitbucket'
    scheme: https #change to http if don't you have https
    metrics_path: '/plugins/servlet/prometheus/metrics'
    static_configs:
    - targets: ['yourinstance.com']
    tls_config:
      insecure_skip_verify: true

Now your endpoint will up and ready.