Self-Signed SSL certs not working

[InstigatorX]

Could you provide an option to support self signed SSL certificates? I'm now using openssl 1.1.1 to address the "x509: certificate relies on legacy Common Name field", but now get "x509: certificate signed by unknown authority".

[InstigatorX]

Found this...

https://github.com/influxdata/influxdb-client-go

client := influxdb2.NewClientWithOptions("http://localhost:8086", "my-token",
influxdb2.DefaultOptions().
SetUseGZip(true).
SetTLSConfig(&tls.Config{
InsecureSkipVerify: true,
}))

[InstigatorX]

I hacked the main.go to add...

import

"crypto/tls"

line 144...

options := influxdb2.DefaultOptions()
options.SetTLSConfig(&tls.Config{InsecureSkipVerify: true})
influxClient := influxdb2.NewClientWithOptions(config.InfluxServer, authString, options)

[cdzombak]

Hm. It's true Golang will not trust self-signed certs by default. Passing InsecureSkipVerify is not recommended, as it downgrades the security for your connection such that it's effectively the same as using plain old HTTP.

This could be securely achieved by using a tls.Config which extends the default root store to include the self-signed cert in question, like described in this post. You could pass in the path to the certificate file as an optional flag when running the program, which would activate this code path.

I don't have the time to add this myself right now, but as I suppose some number of people who want to send their Ecobee data to Influx may be using self-signed certs, I would accept such a PR.