Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

What’s up?
```curl <https://pkg.osquery.io/rpm/GPG>
curl: (60) SSL certificate problem: self signed certificate in certificate chain
More details here: <https://curl.haxx.se/docs/sslcerts.html>

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.```

Hey is this still an issue some of the OSquery infra was moved to the new foundation, and there was a period of interruption.

Checking the certificate chain now I can’t see any issue from the UK

Certificate issued at `Wednesday, 16 September 2020 at 16:19:43 British Summer Time`

I’m not sure, I’m getting this on a Linux (F32) laptop, but not on my MacBookPro, so I don’t know

I also get this on that Linux host:
```openssl s_client -showcerts -servername server -connect <http://pkg.osquery.io:443|pkg.osquery.io:443>
CONNECTED(00000003)
140309355648832:error:140943F2:SSL routines:ssl3_read_bytes:sslv3 alert unexpected message:ssl/record/rec_layer_s3.c:1543:SSL alert number 10
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 308 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---```

:confused: okay I just spun up a Fedora 32 live ISO and can’t replicate.

Ok, I’ll look through my setup and try some more, since it seems that it’s my setup that’s causing this.

It may be geo-graphic amazon had some ACM issues yesterday

```reated by dnf config-manager from <https://pkg.osquery.io/rpm/osquery-s3-rpm.rep>                                              248  B/s | 313  B     00:01    
Errors during downloading metadata for repository 'pkg.osquery.io_rpm_osquery-s3-rpm.rep':
  - Status code: 404 for <https://pkg.osquery.io/rpm/osquery-s3-rpm.rep/repodata/repomd.xml> (IP: 99.84.10.98)
Error: Failed to download metadata for repo 'pkg.osquery.io_rpm_osquery-s3-rpm.rep': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
Ignoring repositories: pkg.osquery.io_rpm_osquery-s3-rpm.rep
Last metadata expiration check: 0:01:55 ago on Fri 18 Sep 2020 10:37:15 AM BST.
Package osquery-4.4.0-1.x86_64 is already installed.
Dependencies resolved.```

Question about
```<https://pkg.osquery.io/rpm/osquery-s3-rpm.rep>```
that is invalid, there should be a "o" at the end.

<@UNXAPHQ4A>, your `openssl` command is incorrect, please use:

```openssl s_client -showcerts -servername <http://pkg.osquery.io|pkg.osquery.io> -connect <http://pkg.osquery.io:443|pkg.osquery.io:443>```