https://github.com/osquery/osquery logo
Title
m

Madhur Jodhwani

09/14/2021, 9:02 AM
go run ./cmd/package --type=pkg --enroll-secret=+6fOMFntLWUrMphCww64WTXP2P7LWlWo --fleet-url=<https://127.0.0.1:8080> --update-url=<https://127.0.0.1:4443> —update-roots='[{"keytype":"ed25519","scheme":"ed25519","keyid_hash_algorithms":["sha256","sha512"],"keyval":{"public":"e2c20fe1c4abe6dcbccf02ef60f5117feb6b64d2f051b4a26a15b1e73922d0cc"}}]' --insecure

Error: 2021-09-14T14:24:43+05:30 FTL package failed error="initialize updates: failed to init updater: init tuf client: tuf: failed to decode root.json: tuf: valid signatures did not meet threshold"
So i tried to run the above command while building orbit but TUF is giving me this output, what should I do? I am on an intel mac with macOS v11.5.2 and I have my certificates trusted by OS X but not the key for the https update server.
m

Martavis Parker

09/14/2021, 3:36 PM
Can you point me to the instructions you are using to get to this point?
z

zwass

09/14/2021, 7:27 PM
@Madhur Jodhwani as I said before the self-hosted updates are a premium feature and we will provide support only to our paid customers.
m

Madhur Jodhwani

09/15/2021, 6:36 AM
@Martavis Parker I am using https python server which uses my self signed and macOS trusted certificate instead of the default http and I am looking to create the package of orbit from the same with the https update server url.