Hi Fleet gurus. I launched a CentOS instance in GCP and installed Fleet. The cert I am using was generate by zerossl using a script called acme.sh. I tried to enroll a host now and it is failing with the following error:

tls: failed to verify certificate: x509: certificate signed by unknown authority

The package was generated by running the fleetctl command displayed in the web UI for .deb. Any idea of how we can troubleshoot this? Thank you!

Hey @Vinny, based on the error I would think that somewhere ZeroSSL is not a trusted CA on your system. What version of CentOS are you running?

Hi Dale. Thank you for your support. Running Red Hat Enterprise Linux release 9.4 (Plow)

This might help: https://www.redhat.com/sysadmin/configure-ca-trust-list ZeroSSL says they provide you a with

ca_bundle.crt

in the ZIP download with your certificate. I didn't see RHEL in their compatibility list so it is possible you have to manually add the CA to the trust list.

hum interesting...thank you!

Keep me posted!

Hey Dale. Spot on. That worked. Thank you so much