fortigate_exporter icon indicating copy to clipboard operation
fortigate_exporter copied to clipboard

Published 20 hours ago verified publisher icon bluecmd

Bug : Unable to fetch data after forcing tls1.2 on fortigate

Open BeArchiTek opened this issue 3 years ago • 2 comments

Hello,

After forcing tls1.2+ on fortigate, the exporter is not able to get the data.

Steps to reproduce :

1- change firewall configuration

config global
  config system global
    set admin-https-ssl-versions tlsv1-2
  end
end

2- Check prometheus logs.

Best regards,

BeArchiTek avatar Oct 29 '21 16:10 BeArchiTek

I guess adding

tc.MinVersion = tls.VersionTLS12

after https://github.com/bluecmd/fortigate_exporter/blob/81adda5136cc5f9160c0ec7c9f10ccdcd63713a4/pkg/http/main.go#L52 could work.

BeArchiTek avatar Nov 01 '21 11:11 BeArchiTek

I am not able to reproduce this. I added the suggested configuration to my Fortigate 61F running 7.0.6 and the exporter is able to fetch data just fine.

I verified with cURL that TLS 1.1 does not work, and TLS 1.2 works.

Is this still an issue with the latest builds @BeArchiTek ?

bluecmd avatar Aug 07 '22 14:08 bluecmd

Hello,

Sorry for the late reply. Didn't reproduced in 7.0.6 either.

(i anyone is reading that with the same issue, i was in 7.0.2)

BeArchiTek avatar Aug 29 '22 16:08 BeArchiTek