We re currently running fleet behind a load balancer that ha

Question

We re currently running fleet behind a load balancer that handles https and fleet itself listens on http on the back end I notice I can t seem to use fleetctl pointing to localhost because it demands an https connection Is there currently a flag to override that I don t see one

Noah Talerman · Answer

I believe what you re looking for is the ` tls skip verify` flag in this command ```fleetctl config set address tls skip verify```

Noah Talerman · Answer

Please let me know if this helps solve your issue

Scott Lampert · Answer

It doesn t I still get `error creating Fleet API client handler Address must start with https ` when I try to do `fleetctl login`

Scott Lampert · Answer

the fleet server runs http not https

Scott Lampert · Answer

the load balancer handles the ssl

Scott Lampert · Answer

I think it s this code here <https github com fleetdm fleet blob 6b1ba2be5c29ee5da331075929c3e27811f795d2 server service client go L39>

zwass · Answer

Yep that looks to be it < Scott Lampert> can you hit the LB url as a workaround and file an issue for http support if you ll need that

Scott Lampert · Answer

Well I noticed it when I was having issues with LB slightly smiling face

zwass · Answer

Heh seems we ve put you in a bit of a bind then

Scott Lampert · Answer

It s not currently a blocker but it would be nice to have Also for all the init stuff our container does so it can talk locally instead of having to go out and back in through the LB

zwass · Answer

Makes sense Please file an issue and we ll look at adding that

Scott Lampert · Answer

< zwass> I made a PR for this

Scott Lampert · Answer

It seems to work fine locally

Scott Lampert · Answer

< zwass> I update the PR to only allow localhost Hopefully it can get into the next release so I don t need a custom binary slightly smiling face

zwass · Answer

You got it slightly smiling face