docker-db-backup icon indicating copy to clipboard operation
docker-db-backup copied to clipboard
verified publisher icon tiredofit

Influxdb v2: availability check fails when self-signed certificate

Open mr-suw opened this issue 6 months ago • 0 comments

Summary

Checking an InfluxDB v2 host fails due to its self-signed certificate. Error message during backup-now: curl: (60) SSL certificate problem: unable to get local issuer certificate

Steps to reproduce

  • configured influxdb v2 host with self-signed certificate as backup source
  • check that host is running below in your browser https://<influx_host>:8086/health
  • browser should show a self-signed certificate warning
  • go into docker-db-backup terminal and run backup-now
  • backup-now shows the following error log and is stuck in retry loop:

2025-10-01.08:29:45 [INFO] ** [db-backup01] Starting Manual Backup for db-backup01 curl: (60) SSL certificate problem: unable to get local issuer certificate More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the webpage mentioned above. 2025-10-01.08:29:52 [WARN] ** [01-https:__192.168.20.86__ALL] InfluxDB Host 'https://192.168.20.86' is not accessible, retrying.. (5 seconds so far) curl: (60) SSL certificate problem: unable to get local issuer certificate More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the webpage mentioned above.`

What is the expected correct behavior?

backup-now should ignore self-signed certificates when extra options are given as environment variables (e.g., --insecure) and it should start the backup process of the influxdb v2.

Relevant logs and/or screenshots

-- See above in steps to reproduce

Environment

  • Image version / tag: latest
  • Host OS: linux

Possible fixes

The root cause is in /assets/functions/10-db-backup below function check_availability(). It checks the availability of influxDb v2 host by running the following curl command:

code_received=$(run_as_user curl --insecure -XGET -sSL -o /dev/null -w ''%{http_code}'' ${backup_job_db_host}:${backup_job_db_port}>

When I add the flag --insecure to above curl command, the backup-now proceeds successfully.

Should we add the extra options which could be specified with --insecure (docker environment variable) to the curl command, too?

mr-suw avatar Oct 01 '25 06:10 mr-suw