Only parse certificate blocks in x509_cert input (#6893)

CHANGELOG.md

@@ -32,6 +32,7 @@
 ## v1.13.2 [unreleased]
 
 #### Bugfixes
+- [#6890](https://github.com/influxdata/telegraf/issues/6890): Fix local certificate parsing in x509_certs input.
 
 - [#2652](https://github.com/influxdata/telegraf/issues/2652): Warn without error when processes input is started on Windows.
 

plugins/inputs/x509_cert/x509_cert.go

@@ -103,11 +103,13 @@ func (c *X509Cert) getCert(u *url.URL, timeout time.Duration) ([]*x509.Certifica
 				return nil, fmt.Errorf("failed to parse certificate PEM")
 			}
 
-			cert, err := x509.ParseCertificate(block.Bytes)
+			if block.Type == "CERTIFICATE" {
-			if err != nil {
+				cert, err := x509.ParseCertificate(block.Bytes)
-				return nil, err
+				if err != nil {
+					return nil, err
+				}
+				certs = append(certs, cert)
 			}
-			certs = append(certs, cert)
 			if rest == nil || len(rest) == 0 {
 				break
 			}

plugins/inputs/x509_cert/x509_cert_test.go

@@ -145,6 +145,7 @@ func TestGatherLocal(t *testing.T) {
 		{name: "correct certificate and extra trailing space", mode: 0640, content: pki.ReadServerCert() + " "},
 		{name: "correct certificate and extra leading space", mode: 0640, content: " " + pki.ReadServerCert()},
 		{name: "correct multiple certificates", mode: 0640, content: pki.ReadServerCert() + pki.ReadCACert()},
+		{name: "correct multiple certificates and key", mode: 0640, content: pki.ReadServerCert() + pki.ReadCACert() + pki.ReadServerKey()},
 		{name: "correct certificate and wrong certificate", mode: 0640, content: pki.ReadServerCert() + "\n" + wrongCert, error: true},
 		{name: "correct certificate and not a certificate", mode: 0640, content: pki.ReadServerCert() + "\ntest", error: true},
 		{name: "correct multiple certificates and extra trailing space", mode: 0640, content: pki.ReadServerCert() + pki.ReadServerCert() + " "},