Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

Hi! Can I use certificate with wildcard in subdomain for Fleet (receiving osquery connections) ? Is it obligatory to have exact domain name in CN in certificate?

<@U011VJH3420> let me hunt for an answer for you.

<@U011VJH3420> does this answer your question in any way?
• The CNAME or one of the Subject Alternate Names (SANs) on the certificate must match the hostname that osquery clients use to connect to the server/proxy.
Here is the section of the docs talking about the subject matter

<https://fleetdm.com/docs/deploying/introduction#tls-certificate>

<@U011VJH3420> just got a confirmation:  A wildcard cert should work. `<http://foo.bar.com|foo.bar.com>` should “match” a SAN of `*.<http://bar.com|bar.com>`.

I hope this helps

<@U02D2UJRY0N> thank you very much! Got it!