# fleet
e
Hi everyone, We are evaluating FleetDM as an alternative to Canonical Landscape. The docs seem very good so far and we have the preview server running fine on Windows. We'd like to add an additional Linux host within VirtualBox and connect it to the preview server. We generated the deb package and installed it, but it didn't connect. It seems like, even with the correct IP of the host, orbit/osquery won't connect unless the main server has SSL enabled. Am I missing something, or is this type of testing not possible with the preview server out of the box? Would it work if we generated a local self-signed cert, or are additional steps required?

fleetctl debug connection gives the following:

Success: can resolve host 192.168.1.64.
Success: can dial server at 192.168.1.64:8412.
Error: Fail: certificate: dial for validate: verify certificate: x509: cannot validate certificate for 192.168.1.64 because it doesn't contain any IP SANs

Thanks!
j
Hey @Erik Ziegler, it is a little hard to follow since I don't have all the details of your TLS setup, but based on the info you provided, it looks like the certificate you are using doesn't include the 192.168.1.64 hostname as a SAN. I would recommend one of the following:

1. Regenerate a certificate (self-signed should work fine) and include the IP address as a SAN.
2. Connect via a hostname, and make sure the hostname is included in the cert.

Or, if you want to save time and the hassle, you can run your fleet evaluation on stratavector.io; the latest version of 1.68.1 is supported.
One more thought: before you generate your deb, make sure that the fleet web address on the org settings page has the correct connection string...
e
Thanks! This was helpful. We used ngrok with this command:

ngrok http https://localhost:8412 --host-header="localhost:8412"

Without specifying the https properly we received a 400 bad request. Then it all worked!
j
Nice!