I am following the documentation CRI-O Metrics. I can get the metrics e.g. http://hostname:port/metrics but not as expected on https://hostname:port/metrics
Sample of my configurations file:
$ cat /etc/crio/crio.conf.d/01-metrics.conf
[crio.metrics]
enable_metrics = true
metrics_port = 5555
metrics_cert = "/etc/crio/certs/cert.crt"
metrics_key = "/etc/crio/certs/key.crt"
The permission on the files is 644. Sample:
$ ls -la /etc/crio/certs/
total 20
drwxr-xr-x. 2 root root 37 Jul 21 16:19 .
drwxr-xr-x. 4 root root 55 Jul 21 16:08 ..
-rw-r--r--. 1 root root 12975 Jul 21 15:49 cert.crt
-rw-r--r--. 1 root root 1872 Jul 21 15:49 key.crt
Is there any other configuration that is needed to be enabled in order to make the socket to use https instead of http?
Update: The version of CRI-O that I am running is the latest stable (on the time that the question is asked):
$ crio -v
INFO[0000] Starting CRI-O, version: 1.20.3, git: 50065140109e8dc4b8fd6dc5d2b587e5cb7ed79d(dirty)
crio version 1.20.3
Version: 1.20.3
GitCommit: 50065140109e8dc4b8fd6dc5d2b587e5cb7ed79d
GitTreeState: dirty
BuildDate: 1980-01-01T00:00:00Z
GoVersion: go1.15.7
Compiler: gc
Platform: linux/amd64
Linkmode: static
It seems that feature (the ability of CRI-O socket to run on https for metrics) is only available from versio 1.22 and onwards (ref CRI-O 1.20.3 metrics does not run on https (based on documentation settings) #5112.
So it looks that this feature can not be applied on version 1.20.3.