what insecure_skip_verify will do

[Sameer Modak]

Hello Team,

If i set  insecure_skip_verify: true will my data be unsecured. Will it be non ssl??

[Alexander Wilke]

It will skip the certificate Check. So certificate May be valid or invalid and is Always trusted.

Connection is still encrypted

[Sameer Modak]

Thanks a lot . Any easy way to check if traffic is secure apart from wireshark. 

[Brian Candler]

It depends what you mean by "secure".

It's encrypted, because you've told it to use HTTPS (HTTP + TLS). If the remote end doesn't talk TLS, then the two won't be able to establish a connection at all.

However it is also insecure, because the client has no way of knowing whether the remote device is the one it's expecting to talk to, or an imposter. If it's an imposter, they can capture any data sent by the client, and return any data they like to the client. It's the job of a certificate to verify the identity of the server, and you've told it to skip that check.

[Sameer Modak]

So here is the update i did try this insecure skip but i am still getting below error,

 tls: failed to verify certificate: x509: certificate signed by unknown authority

[Brian Candler]

Then you did something wrong in your config, but you'll need to show the config if you want help fixing it.

It also depends on what you're talking to: is this a scrape job talking to an exporter? Is this service discovery? Something else?

[Sameer Modak]

insecure_skip_verify worked for me. I put insecure_skip_verify: false hence it was not working.

Thanks brian