hi all! is there any doc/demonstration about how OSquery enrollment for TLS communication works? like how are the secret file and certificates verified, etc.?

there's just this https://osquery.readthedocs.io/en/latest/deployment/remote/#simple-shared-secret-enrollment but if you have specific questions maybe they can be answered here

oh I think this answers my question, but just to be sure, when osquery provides the correct enrollment secret to the server, the server sends a

NODE_KEY

back, right? which means that the validation was successful?

@Stefano Bonicatti do you know? I'm not that familiar with this part

Yes, it’s correct; also if the node key sent back to the server by osquery is incorrect, osquery then receives a response with

node_invalid: true

and will attempt to re-enroll

oh alright Thanks a lot for your help guys! 😄