Provisioning datasource via config file giving error as unknown certificate

  • What Grafana version and what operating system are you using?

  • What are you trying to achieve?

I have 2 Prometheus urls and I am trying to add Prometheus datasource for grafana

  • How are you trying to achieve it?

apiVersion: 1


  • Did you receive any errors in the Grafana UI or in related logs? If so, please tell us exactly what they were.

Error reading Prometheus: an error occured withing plugin

tls: unknown certificate

  • Did you follow any online instructions? If so, what is the URL?
    Grafana documentation

Hello @mamdyalv,

I had a lot of issues with SSL/TLS certification with something else, I’ll just provide you some commands to try to figure out what could be wrong:
First of all, check if your certificate are still up to date:

openssl x509 -enddate -noout -in <prometheus_certificate.pem> # Could be in /etc/prometheus/certs
openssl x509 -enddate -noout -in <ca_certificate.pem> # I guess /apps/certificate/csm_root_ca.pem

If this is okay, try to check if your prometheus_certificate is correcly signed by your ca_certificate:

openssl verify -CAfile <ca_certificate.pem> <prometheus_certificate.pem>

Finally, you can check what happen with your the TLS/SSL certification during the connection:

openssl s_client -connect

If you only want to see the SSL certificate and not all the detail:

openssl s_client -connect | openssl x509

Let me know if you’ve been able to see any problems!


1 Like

I checked all you mentioned. Everything is seems to be okay but still I am facing error on grafana UI as:

Error reading Prometheus: an error occured within the plugin

And in grafana logs it showing error as:

Failed to parse tls ca pem certificate.
Tls: unknown certificate

Hey @mamdyalv,

I’ll not be able to help you with Prometheus.

Can you show a little more of your Grafana log (please use ``` syntax), and the ssl part of your grafana.ini file?