I’m trying to run fleet behind an AWS ALB, with fleet running without TLS on port 80. The interface works, but I cannot add hosts using osquery. I’ve tried via systemd, after placing the flags, secret and certificate files in

/etc/osquery

, and I’ve tried the direct osqueryd while in that etc directory. Neither work. The first - systemd - has no enrolment logs at all in the journal entries. The second - direct - has a json error, which I’m failing to work out

W0527 13:10:57.324188 1032001 tls_enroll.cpp:101] Failed enrollment request to <https://fleetpoc.avnsec.com/api/latest/osquery/enroll> (Cannot parse JSON: The document root must not be followed by other values. Offset: 4) retrying...

Any tips? I also wonder - is the pem file needed, as it is using a valid ACM certificate on the ALB.