Description of problem: I have a host with yara installed. I want to enable the forwarding of yara data to Insights with insights-client so that Insights can detect Malware attacks. This is currently impossible. Version-Release number of selected component (if applicable): 6.12.2 How reproducible: Consistent Steps to Reproduce: 1. Install yara on a rhel host. 2. Run insights-client --collector malware-detection Actual results: [root@ip-172-31-29-5 ~]# insights-client --collector malware-detection Starting to collect Insights data for ip-172-31-29-5.us-west-1.compute.internal Performing a test scan of /etc/insights-client/malware-detection-config.yml and the current process (PID 4500) to verify the malware-detection app is installed and scanning correctly ... Unable to download rules from https://ip-172-31-29-12.us-west-1.compute.internal:443/redhat_access/r/insights/platform/malware-detection/v1/test-rule.yar: HTTPSConnectionPool(host='ip-172-31-29-12.us-west-1.compute.internal', port=443): Max retries exceeded with url: /redhat_access/r/insights/platform/malware-detection/v1/test-rule.yar (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)'),)) Expected results: Additional info:
This was a fix that needed to happen in insights-core and has been fixed: https://github.com/RedHatInsights/insights-core/pull/3826