Hi! Anyone here have experience with why a remote tls enrollment, would return to me an empty

node_key

? If I run

osqueryd

verbose

with the

tls_dump

flag, and re-run the command thats returned to me as failing, from the command line it works fine and I get a value for the

node_key

I'd expect to see but in the daemon it all comes back empty: Daemon:

{"node_key":""}

CLI:

{"node_key": "abc123"}

Again the command I am running from the cli is what is returned to me from

osqueryd tls_dump

. I'm assuming this is likely a problem with the remote API but just want to confirm what the discrepancy may be btw the daemon and cli.

My guess is your TLS server isn't getting the correct enroll secret. Perhaps due to the way you are passing configs in osqueryi vs. osqueryd?

Possibly, looking at the

osquery_flags

being passed to the daemon at runtime it should be correct, and the

tls_dump

seems to capture the correct

enroll_secret

in the command that I then copy off and run manually, however bizarrely on my mac when I run

osqueryi

the flags do not seem to be correct