im attempting to move for launcher to orbit, launc...
# fleet
im attempting to move for launcher to orbit, launcher worked correctly but using orbit with similar options mainly the insecure flag seems to cause OSquery, the one provided by orbit i unistalled the version i had installed via yum, to crash as it cant verify the certificate on the port opened on the local host
heres the output from systemd
this is what it says is being passed to osqueryd
Copy code
/var/lib/orbit/bin/osqueryd/linux/stable/osqueryd --pidfile=/var/lib/orbit/ --database_path=/var/lib/orbit/osquery.db --extensions_socket=/var/lib/orbit/osquery.em --enroll_secret_env=ENROLL_SECRET --tls_hostname=localhost:37880 --enroll_tls_endpoint=/api/v1/osquery/enroll --config_plugin=tls --config_tls_endpoint=/api/v1/osquery/config --config_refresh=60 --disable_distributed=false --distributed_plugin=tls --distributed_tls_max_attempts=10 --distributed_tls_read_endpoint=/api/v1/osquery/distributed/read --distributed_tls_write_endpoint=/api/v1/osquery/distributed/write --logger_plugin=tls --logger_tls_endpoint=/api/v1/osquery/log --disable_carver=false --carver_start_endpoint=/api/v1/osquery/carve/begin --carver_continue_endpoint=/api/v1/osquery/carve/block --carver_block_size=2000000 --tls_server_certs /tmp/fleet.crt --force
           └─1501 /var/lib/orbit/bin/osqueryd/linux/stable/osqueryd
Can you have a look at whether
exists and what the contents are while that's running?
seems to exist and it seems to be a cert i can try deleting it if its recreated automatically
👍 1
Should be valid
Copy code
openssl x509 -in test.crt -text
        Version: 1 (0x0)
        Serial Number: 10349005785124955555 (0x8f9f0dee20d5e5a3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=localhost
            Not Before: Dec 19 00:40:04 2020 GMT
            Not After : May  5 00:40:04 2048 GMT
        Subject: CN=localhost
What platform are you on here?
Centos 7
64 bit
Thank you. I'll see if I can reproduce later.
👍 1