Hi everyone, I am getting 'certificate verify fail...
# fleet
z
Hi everyone, I am getting a 'certificate verify failed' error while connecting osquery to fleetdm. I am using osquery version 5.4.0 and fleetdm version 4.18.0. When I use osquery version 3.3.0 it works fine. Any idea what could be the issue?
W0807 063845.080950 5115 tls_enroll.cpp:101] Failed enrollment request to https://IP:8080/api/osquery/enroll (Request error: certificate verify failed) retrying...
W0807 063849.117959 5115 tls_enroll.cpp:101] Failed enrollment request to https://IP:8080/api/osquery/enroll (Request error: certificate verify failed) retrying...
g
Are you connecting via IP instead of hostname? If so, this is likely failing because the certificate only has the hostname in it.
z
But it works fine on osquery version 4.1.2.
k
What version of Fleet were you using before the update to 4.18? Are you seeing any errors in the Fleet server logs?
z
I am getting the below error while connecting osquery to the fleetdm server.
W0807 063845.080950 5115 tls_enroll.cpp:101] Failed enrollment request to https://IP:8080/api/osquery/enroll (Request error: certificate verify failed) retrying...
W0807 063849.117959 5115 tls_enroll.cpp:101] Failed enrollment request to https://IP:8080/api/osquery/enroll (Request error: certificate verify failed) retrying...
k
It looks like those are the local osquery logs. What are you seeing in the Fleet server? There may be some additional information there. I asked about the previous Fleet version as well because if you made a large jump there, it could explain why the certificate worked previously but isn't now.
o
Same error:
Failed enrollment request to https://fleet.abc.com/api/v1/osquery/enroll (Request error: certificate verify failed) retrying...
k
Any updates @Zohaib Nasir? Were you able to check the Fleet server logs?
z
@Kathy Satterlee Issue not resolved. osquery 4.1.2 is working fine, but versions above 4.1.2 give the 'certificate verify failed' error.
k
And were you able to check the Fleet server for any errors that might correspond with those requests?
z
@Kathy Satterlee No, I didn't check the Fleet server logs.
k
That would definitely be the next step here. Check the server logs to see if the requests are making it that far and see if there are any errors there with additional information.
o
@Kathy Satterlee Regarding the same one, I have debugged the issue to Netskope. I have Netskope running, and when it is turned on the certificate fails, but if I switch it off it works fine and the host is online on Fleet. I tried to find a way around it but am stuck on this one. Can you guide me on what to do?
Putting it in a new thread to track properly.