PushProx
PushProx copied to clipboard
prometheus-community
Register with FQDN in URL
This replaces having the FQDN in the body in order to make client certificate validation easier.
The proxy will continue to work with older clients as we still keep the
old endpoint. However any calls to /poll/* will use the FQDN provided
in the URL for registration.
With this change it is easy to compare the CN in the client certificate with the FQDN provided to PushProx to ensure the client is authorized.
The push call needs not change as the Id header uses a UUID that, to my understanding, is cryptographically random.
