> The error
> ts=2024-09-15T17:58:49.480Z caller=coordinator.go:118 level=error
component=configuration msg="Loadion file failed"
file=/etc/alertmanager/alertmanager.yml err="yaml: unmarshal errors:\n
line 7: field tls_config not found in type config.plain"
It's saying that you cannot put "tls_config" as a top-level key in
Prometheus config. Since the config file is invalid, it cannot run.
As I said before, if you need to use tls_config then it has to be under the
E-mail receiver.
receivers:
- name: send_email
email_configs:
- to: chi...@valucid.com <https://groups.google.com/>
from: chi...@valucid.com <https://groups.google.com/>
smarthost: smtp.zoho.com:587
auth_username: chi...@valucid.com <https://groups.google.com/>
auth_password: passss
require_tls: true
tls_config:
... blah
You don't need to repeat the smarthost / auth_username / auth_password /
require_tls if you've set them globally.
But unfortunately you *do* need to put a separate "tls_config" section
under every email receiver.
> tls_config:
> cert_file: /home/chinelo/alertmanager.crt
> key_file: /home/chinelo/alertmanager.key
That means you want to authenticate to your SMTP server using a TLS client
certificate. I note that if I connect to it, it says it only supports
password authentication (LOGIN and PLAIN):
% openssl s_client -connect smtp.zoho.com:587 -starttls smtp
...
ehlo wombat
250-mx.zohomail.com Hello wombat (x.x.x.x (x.x.x.x))
250-AUTH LOGIN PLAIN
250 SIZE 32505856
I believe the normal way to do TLS client authentication would be with the
SASL "EXTERNAL" mechanism. But since you are already providing an
auth_username and auth_password, I don't think you'll need to provide a TLS
certificate as well. (In which case, maybe you don't need a tls_config
section at all).
However, that's all detail around your particular SMTP server, and maybe it
works in a weird way.
On Sunday 15 September 2024 at 19:08:28 UTC+1 Chinelo Ufondu wrote:
> This is what i did
> global:
> smtp_smarthost: smtp.zoho.com:587
> smtp_from: chi...@valucid.com
> smtp_auth_username: 'chi...@valucid.com'
> smtp_auth_password: passs
>
> smtp_require_tls: true
> tls_config:
> cert_file: /home/chinelo/alertmanager.crt
> key_file: /home/chinelo/alertmanager.key
> receivers:
> - name: send_email
> email_configs:
> - to: chi...@valucid.com
> from: chi...@valucid.com
> smarthost: smtp.zoho.com:587
> auth_username: chi...@valucid.com
> auth_password: passss
>
> require_tls: true
> - name: send_email2
> email_configs:
> - to: la...@valucid.com
> from: la...@valucid.com
> smarthost: smtp.zoho.com:587
> auth_username: la...@valucid.com
> auth_password: passss
>
> require_tls: true
> route:
> receiver: send_email
> routes:
> - receiver: send_email2
> inhibit_rules:
> - source_match:
> severity: critical
> target_match:
> severity: warning
> equal:
> - alertname
> - dev
> - instance
>
> The error
> ts=2024-09-15T17:58:49.480Z caller=coordinator.go:118 level=error
> component=configuration msg="Loadion file failed"
> file=/etc/alertmanager/alertmanager.yml err="yaml: unmarshal errors:\n
> line 7: field tls_config not found in type config.plain"
>
> Sep 15 17:58:49 localhost alertmanager[2767706]:
> ts=2024-09-15T17:58:49.480Z
> On Sun, 15 Sept 2024 at 18:46, 'Brian Candler' via Prometheus Users <
> promethe...@googlegroups.com> wrote:
>
>> Show what you did, and what the error was, and then maybe we can help you.
>>
>> There are some global settings that cover common use cases:
>>
>> https://prometheus.io/docs/alerting/latest/configuration/#file-layout-and-global-settings
>>
>> However, if you need more control (e.g. for client certificate auth or
>> accepting self-signed certificates from the E-mail server) you'll need to
>> use tls_config under the email receiver definition:
>> https://prometheus.io/docs/alerting/latest/configuration/#email_config
>> https://prometheus.io/docs/alerting/latest/configuration/#tls_config
>>
>> On Sunday 15 September 2024 at 16:48:16 UTC+1 Chinelo Ufondu wrote:
>>
>>> Hello all!!
>>>
>>> I am currently trying to configure TLS in my alert manager configuration
>>> file to enable it authenticate to my smtp host, I have tried various
>>> options from the documentation and forums , but all to no avail. I would
>>> appreciate if I am being assisted with this blocker.
>>>
>> --
>>
> You received this message because you are subscribed to the Google Groups
>> "Prometheus Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to prometheus-use...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/prometheus-users/a1d49d1e-7761-4897-9c43-72d54ce3278fn%40googlegroups.com
>>
>> <https://groups.google.com/d/msgid/prometheus-users/a1d49d1e-7761-4897-9c43-72d54ce3278fn%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
>
--
You received this message because you are subscribed to the Google Groups
"Prometheus Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to prometheus-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/prometheus-users/36e0a5de-4851-4048-9d65-17bb4ae7c2d0n%40googlegroups.com.
