Chad08/14/2021, 10:13 AM
I get the following errors which makes me think orbit/osquery doesn't support trusted CAs on windows:
.\orbit.exe --fleet-url=<https://host.domain.com:443> --enroll-secret=[Redacted Secret]
My understanding is that if I am using a cert signed by a trusted authority then osquery/orbit shouldn't even be looking for certs locally?
Failed to retrieve system cert pool. Cannot validate Fleet server connection. error="crypto/x509: system root pool is not available on Windows" ... ... Cannot read TLS server certificate(s): \Program Files\osquery\certs\certs.pem
Mystery Incorporated08/14/2021, 12:42 PM
Chad08/14/2021, 3:06 PM
zwass08/14/2021, 3:29 PM