diff --git a/config/config.go b/config/config.go index b6c5bb2..f7de2f0 100644 --- a/config/config.go +++ b/config/config.go @@ -283,6 +283,9 @@ func ReadConfig(path string) (*Config, error) { if err := d.ParseParams(&config.Ntfy.CertFingerprint); err != nil { return nil, err } + + // hex.EncodeToString outputs a lower case string + config.Ntfy.CertFingerprint = strings.ToLower(strings.ReplaceAll(config.Ntfy.CertFingerprint, ":", "")) } d = ntfyDir.Children.Get("email-address") diff --git a/config/config_test.go b/config/config_test.go index a72e9c9..9d75a47 100644 --- a/config/config_test.go +++ b/config/config_test.go @@ -76,7 +76,7 @@ cache { Topic: "https://ntfy.sh/alertmanager-alerts", User: "user", Password: "pass", - CertFingerprint: "13:6D:2B:88:9C:57:36:D0:81:B4:B2:9C:79:09:27:62:92:CF:B8:6A:6B:D3:AD:46:35:CB:70:17:EB:99:6E:28:08:2A:B8:C6:79:4B:F6:2E:81:79:41:98:1D:53:C8:07:B3:5C:24:5F:B1:8E:B6:FB:66:B5:DD:B4:D0:5C:29:91", + CertFingerprint: "136d2b889c5736d081b4b29c7909276292cfb86a6bd3ad4635cb7017eb996e28082ab8c6794bf62e817941981d53c807b35c245fb18eb6fb66b5ddb4d05c2991", }, Labels: labels{Order: []string{"severity", "instance"}, Label: map[string]labelConfig{ diff --git a/main.go b/main.go index 9a34f14..aec085f 100644 --- a/main.go +++ b/main.go @@ -333,8 +333,7 @@ func (br *bridge) publish(n *notification) error { req.Header.Set("Actions", fmt.Sprintf("http, Silence, %s, method=POST, body=%s%s", url, n.silenceBody, authString)) } - // hex.EncodeToString outputs a lower case string - configFingerprint := strings.ToLower(strings.ReplaceAll(br.cfg.Ntfy.CertFingerprint, ":", "")) + configFingerprint := br.cfg.Ntfy.CertFingerprint if configFingerprint != "" { tlsCfg := &tls.Config{} tlsCfg.VerifyPeerCertificate = func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error { @@ -357,7 +356,7 @@ func (br *bridge) publish(n *notification) error { } expectedFingerprint += fmt.Sprintf("%02X", b) } - return fmt.Errorf("ntfy certificate fingerprint does not match: expected %q, got %q", expectedFingerprint, br.cfg.Ntfy.CertFingerprint) + return fmt.Errorf("the ntfy certificate fingerprint (%s) is not set in the config", expectedFingerprint) } tlsCfg.InsecureSkipVerify = true