christran
08/26/2020, 8:59 AM

seph
08/26/2020, 12:47 PM
/var/osquery/server.pem
I think that should be a bundle of CA certificates, not the server cert directly.

christran
08/27/2020, 4:23 AM
curl -v -X POST https://domain/api/v1/osquery/enroll
* Trying IP...
* TCP_NODELAY set
* Connected to domain (IP) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Unknown (8):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Client hello (1):
* TLSv1.3 (OUT), TLS Unknown, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: CN=domain
* start date: Aug 26 07:33:12 2020 GMT
* expire date: Nov 24 07:33:12 2020 GMT
* subjectAltName: host "domain" matched cert's "domain"
* issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
* SSL certificate verify ok.
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
> POST /api/v1/osquery/enroll HTTP/1.1
> Host: domain
> User-Agent: curl/7.58.0
> Accept: */*
>
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
< HTTP/1.1 500 Internal Server Error
< Date: Thu, 27 Aug 2020 04:19:51 GMT
< Content-Length: 108
< Content-Type: text/plain; charset=utf-8
<
{
  "message": "Unknown Error",
  "errors": [
    {
      "name": "base",
      "reason": "EOF"
    }
  ]
}
* Connection #0 to host domain left intact