Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

Hi! Anyone here have experience with why a remote tls enrollment, would return to me an empty `node_key`? If I run `osqueryd` `verbose` with the `tls_dump` flag, and re-run the command thats returned to me as failing, from the command line it works fine and I get a value for the `node_key` I'd expect to see but in the daemon it all comes back empty:

Daemon: `{"node_key":""}`
CLI: `{"node_key": "abc123"}`

Again the command I am running from the cli is what is returned to me from `osqueryd tls_dump`. I'm assuming this is likely a problem with the remote API but just want to confirm what the discrepancy may be btw the daemon and cli.

My guess is your TLS server isn't getting the correct enroll secret. Perhaps due to the way you are passing configs in osqueryi vs. osqueryd?

Possibly, looking at the `osquery_flags` being passed to the daemon at runtime it *should* be correct, and the `tls_dump` seems to capture the correct `enroll_secret` in the command that I then copy off and run manually, however bizarrely on my mac when I run `osqueryi` the flags do not seem to be correct

So again confused by whats causing the discrepancy there