Promethues https

Grafana Prometheus
1

My Prometheus, version 2.21.0

how can I configure https ?

–web.config.file tag is not working shows unknow flag

Is there any other way to config https?

2

“–web.config.file tag is not working shows unknow flag”

Please show us what filename you provided following that tag, and the content
(excluding comments) of that file.

In other words, please show us what configuration you tried to use to enable
HTTPS, so that we might see any mistakes.

Antony.

3

Hi Pooh,

first of all Thanks for support

below is the prometheus.service configuration

[Unit]
Description=Prometheus systemd service unit
Wants=network-online.target
After=network-online.target

[Service]
Type=simple
User=prometheus
Group=prometheus
ExecReload=/bin/kill -HUP $MAINPID
ExecStart=/usr/local/bin/prometheus
–config.file=/etc/prometheus/prometheus.yml
–web.config.file=/etc/prometheus/web-config.yml
–storage.tsdb.path=/etc/prometheus/data
–web.console.templates=/etc/prometheus/consoles
–web.console.libraries=/etc/prometheus/console_libraries
–web.listen-address=0.0.0.0:9500
–log.level=warn

SyslogIdentifier=prometheus
Restart=always

[Install]
WantedBy=multi-user.target

below is the web-config.yml

tls_server_config:

Certificate and key files for server to use to authenticate to client.

cert_file: /etc/prometheus/cert/xyz.crt
key_file: /etc/prometheus/cert/xyz.key

Server policy for client authentication. Maps to ClientAuth Policies.

For more detail on clientAuth options:

tls package - crypto/tls - pkg.go.dev

NOTE: If you want to enable client authentication, you need to use

RequireAndVerifyClientCert. Other values are insecure.

[ client_auth_type: | default = “NoClientCert” ]

CA certificate for client certificate authentication to the server.

[ client_ca_file: /etc/prometheus/cert/xyz_ca.crt ]

Minimum TLS version that is acceptable.

[ min_version: | default = “TLS12” ]

[ min_version: “TLS1.2” ]

4

I’m pretty certain you just need to comment-out the lines starting with square
brackets as these are documentation examples and not directives.

Antony.

5

Hi

I removed brackets and additional line is already commented

I have restarted service but below error shows

Error parsing commandline arguments: unknown long flag ‘–web.config.file’
prometheus: error: unknown long flag ‘–web.config.file’
prometheus.service: Main process exited, code=exited, status=1/FAILURE
prometheus.service: Failed with result ‘exit-code’.