From 8aee6262c12d08cd5e12578450fbcc7c9c23f774 Mon Sep 17 00:00:00 2001
From: Gideon <38234434+gseyetik@users.noreply.github.com>
Date: Tue, 9 Jun 2020 10:38:58 -0400
Subject: [PATCH] Allow InfluxDB to use insecure TLS without cert bundle
 (#8778)

Moves the configuration of insecure TLS and TLS version outside of the certificate bundle.
---
 .../database/influxdb/connection_producer.go  | 28 ++++++++++---------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/plugins/database/influxdb/connection_producer.go b/plugins/database/influxdb/connection_producer.go
index 8a14325ac..f77658a22 100644
--- a/plugins/database/influxdb/connection_producer.go
+++ b/plugins/database/influxdb/connection_producer.go
@@ -194,20 +194,22 @@ func (i *influxdbConnectionProducer) createClient() (influx.Client, error) {
 			if err != nil || tlsConfig == nil {
 				return nil, errwrap.Wrapf(fmt.Sprintf("failed to get TLS configuration: tlsConfig:%#v err:{{err}}", tlsConfig), err)
 			}
-			tlsConfig.InsecureSkipVerify = i.InsecureTLS
-
-			if i.TLSMinVersion != "" {
-				var ok bool
-				tlsConfig.MinVersion, ok = tlsutil.TLSLookup[i.TLSMinVersion]
-				if !ok {
-					return nil, fmt.Errorf("invalid 'tls_min_version' in config")
-				}
-			} else {
-				// MinVersion was not being set earlier. Reset it to
-				// zero to gracefully handle upgrades.
-				tlsConfig.MinVersion = 0
-			}
 		}
+		
+		tlsConfig.InsecureSkipVerify = i.InsecureTLS
+
+		if i.TLSMinVersion != "" {
+			var ok bool
+			tlsConfig.MinVersion, ok = tlsutil.TLSLookup[i.TLSMinVersion]
+			if !ok {
+				return nil, fmt.Errorf("invalid 'tls_min_version' in config")
+			}
+		} else {
+			// MinVersion was not being set earlier. Reset it to
+			// zero to gracefully handle upgrades.
+			tlsConfig.MinVersion = 0
+		}
+		
 		clientConfig.TLSConfig = tlsConfig
 		clientConfig.Addr = fmt.Sprintf("https://%s:%s", i.Host, i.Port)
 	}