blackbox_exporter icon indicating copy to clipboard operation
blackbox_exporter copied to clipboard

Published 20 hours ago verified publisher icon prometheus

unknown cipher: TLS_RSA_WITH_AES_128_CBC_SHA

Open wcollin opened this issue 2 months ago • 1 comments

Host operating system: centos9 arm64

blackbox_exporter version: v0.25.0

What is the prometheus.yml scrape config.

  • job_name: 'blackbox-exporter' scheme: 'https' tls_config: ca_file: /etc/prometheus/certs/ca.crt cert_file: /etc/prometheus/certs/server.crt key_file: /etc/prometheus/certs/server.key insecure_skip_verify: true static_configs:
    • targets: ['blackbox-exporter:9115']

web-config.yml

tls_server_config: cert_file: /etc/prometheus/certs/server.crt key_file: /etc/prometheus/certs/server.key cipher_suites: - TLS_RSA_WITH_AES_128_CBC_SHA - TLS_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256

http_server_config: http2: false headers: Content-Security-Policy: "default-src 'self' 'unsafe-inline'; img-src 'self' data:;" X-Frame-Options: "sameorigin" X-Content-Type-Options: "nosniff" X-XSS-Protection: "1; mode=block" Strict-Transport-Security: "max-age=31536000; includeSubDomains; preload"

Error:

ts=2024-04-15T06:12:05.533Z caller=main.go:87 level=info msg="Starting blackbox_exporter" version="(version=0.25.0, branch=HEAD, revision=ef3ff4fef195333fb8ee0039fb487b2f5007908f)" ts=2024-04-15T06:12:05.533Z caller=main.go:88 level=info build_context="(go=go1.22.2, platform=linux/arm64, user=root@9b6755681f2e, date=20240409-12:52:48, tags=unknown)" ts=2024-04-15T06:12:05.534Z caller=main.go:100 level=info msg="Loaded config file" ts=2024-04-15T06:12:05.534Z caller=tls_config.go:313 level=info msg="Listening on" address=[::]:9115 ts=2024-04-15T06:12:05.534Z caller=main.go:274 level=error msg="Error starting HTTP server" err="unknown cipher: TLS_RSA_WITH_AES_128_CBC_SHA"

wcollin avatar Apr 15 '24 06:04 wcollin