Improve handling of errors for invalid certs

Signed-off-by: Knut Ahlers <knut@ahlers.me>

cert.go

@@ -45,13 +45,13 @@ func checkCertificate(probeURL *url.URL) (probeResult, *x509.Certificate) {
 	req.Header.Set("User-Agent", fmt.Sprintf("Mozilla/5.0 (compatible; PromCertcheck/%s; +https://github.com/Luzifer/promcertcheck)", version))
 
 	resp, err := http.DefaultClient.Do(req)
-	switch err.(type) {
-	case nil, redirectFoundError:
+	switch {
+	case err == nil:
+	case strings.Contains(err.Error(), redirectFoundError.Error()):
+		checkLogger.WithError(err).Warn("A redirect was found")
 	default:
 		checkLogger.WithError(err).Error("HTTP request failed")
-		if !strings.Contains(err.Error(), "Found a redirect.") {
-			return generalFailure, nil
-		}
+		return generalFailure, nil
 	}
 	resp.Body.Close()
 

main.go

@@ -1,7 +1,9 @@
 package main // import "github.com/Luzifer/promcertcheck"
 
 import (
+	"crypto/tls"
 	"crypto/x509"
+	"errors"
 	"fmt"
 	"net/http"
 	"net/url"
@@ -24,6 +26,8 @@ var (
 	}{}
 	version       = "dev"
 	probeMonitors = map[string]*probeMonitor{}
+
+	redirectFoundError = errors.New("Found a redirect")
 )
 
 type probeMonitor struct {
@@ -33,12 +37,6 @@ type probeMonitor struct {
 	Certificate *x509.Certificate
 }
 
-type redirectFoundError struct{}
-
-func (r redirectFoundError) Error() string {
-	return "Found a redirect."
-}
-
 func init() {
 	if err := rconfig.Parse(&config); err != nil {
 		log.Fatalf("Unable to parse CLI parameters: %s", err)
@@ -53,7 +51,10 @@ func init() {
 
 func main() {
 	http.DefaultClient.CheckRedirect = func(req *http.Request, via []*http.Request) error {
-		return redirectFoundError{}
+		return redirectFoundError
+	}
+	http.DefaultClient.Transport = &http.Transport{
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
 	}
 
 	registerProbes()