# fleet

Justin Bowen

03/12/2021, 7:04 PM
I just tried to launch the latest OSQuery in box and it never generated fleet.crt / fleet.key, and I can't seem to get OSQuery to accept a self-signed cert on fleet (this is for testing), any ideas?

zwass

03/12/2021, 7:05 PM
Those cert files are in the `osquery` directory. Does that help?

Justin Bowen

03/12/2021, 7:06 PM
Right, I generated them
But for the moment, they are just self-signed
Can I get osquery to allow with self-signed?

zwass

03/12/2021, 7:07 PM
Yes, use the `--tls_server_certs` flag with osquery.

Justin Bowen

03/12/2021, 7:11 PM

zwass

03/12/2021, 7:14 PM
Probably need a `sudo` there, or else configure a different path for the pidfile

Justin Bowen

03/12/2021, 7:20 PM
I was calling out the cert verify failed error to be specific

zwass

03/12/2021, 7:34 PM
That was before or after using `--tls_server_certs` flag?

Justin Bowen

03/12/2021, 9:40 PM
after
I used the Fleet UI instructions for adding a client
so I used the flagfile, server pem, and secret files it has you download then try to run it

zwass

03/12/2021, 10:59 PM
Can you paste the flagfile it gave you please?

spookerlabs

03/12/2021, 11:25 PM
@Justin Bowen this could be an FQDN problem. How did you create your certificate? Some name and now using IP as hostname? Could be the issue.

Justin Bowen

03/12/2021, 11:36 PM
ahh that would make sense
yes I used the ip address

zwass

03/12/2021, 11:37 PM
Yeah that is likely the issue
If you generate a cert with matching IP SANs it will work.

Justin Bowen

03/12/2021, 11:37 PM
Copy, I'll work on that

zwass

03/12/2021, 11:42 PM
Or for a quick test you can always make an `/etc/hosts` entry

Justin Bowen

03/12/2021, 11:52 PM
That's the plan, thanks!