Daniel Cross

05/27/2022, 3:48 AM
I’m trying to run fleet behind an AWS ALB, with fleet running without TLS on port 80. The interface works, but I cannot add hosts using osquery. I’ve tried via systemd, after placing the flags, secret and certificate files in
, and I’ve tried the direct osqueryd while in that etc directory. Neither work. The first - systemd - has no enrolment logs at all in the journal entries. The second - direct - has a json error, which I’m failing to work out
W0527 13:10:57.324188 1032001 tls_enroll.cpp:101] Failed enrollment request to <https://fleetpoc.avnsec.com/api/latest/osquery/enroll> (Cannot parse JSON: The document root must not be followed by other values. Offset: 4) retrying...
Any tips? I also wonder - is the pem file needed, as it is using a valid ACM certificate on the ALB.
3:53 AM
I get a 404 trying to curl the enroll endpoint.
3:56 AM
ahhhh ok
api endpoint seems to not exist - just
3:56 AM
If I change the endpoint in the flagfile it connects.