Is it possible to tls_skip_verify the metrics endpoint?

Is it possible to skip tls verification on a metrics endpoint?

Background here, I’m trying to setup Cockroach DB (which is working great so far) in secure mode. This means that the web UI (including the healthcheck and metrics endpoint) are behind self signed tls certificates. I can skip tls on the healthcheck, but not the metrics endpoint. Here is the fly.toml file I’m using:

# fly.toml file generated for cockroach on 2022-02-18T17:42:09-07:00

app = "cockroach"

kill_signal = "SIGTERM"
kill_timeout = 90
services = []

[checks]
  [checks.crdb]
    grace_period = "60s"
    interval = "15s"
    method = "get"
    path = "/health"
    port = 8080
    protocol = "https"
    timeout = "10s"
    tls_skip_verify = true
    type = "http"

[deploy]
  strategy = "rolling"

[experimental]
  allowed_public_ports = []
  auto_rollback = true
  private_network = true

[metrics]
  path = "/_status/vars"
  port = 8080
  protocol = "https"
  tls_skip_verify = true

[[mounts]]
  destination = "/cockroach/cockroach-data"
  source = "crdb_data"

Hi @Blake_Kostner

Metrics currently doesn’t support https requests, only http.