I get the following errors which makes me think orbit/osquery doesn't support trusted CAs on windows:
.\orbit.exe --fleet-url=<https://host.domain.com:443> --enroll-secret=[Redacted Secret]
My understanding is that if I am using a cert signed by a trusted authority then osquery/orbit shouldn't even be looking for certs locally?
Failed to retrieve system cert pool. Cannot validate Fleet server connection. error="crypto/x509: system root pool is not available on Windows" ... ... Cannot read TLS server certificate(s): \Program Files\osquery\certs\certs.pem