Does Fleet need to be running with

server_tls

set to

true

in order to allow osquery clients to connect to it?

I’d bet not. Did you move fleet behind an SSL terminating load balancer and things don’t work? What error does launcher produce?

Osquery will refuse to connect over non-TLS, so Fleet or an LB must be terminating TLS. You can use a self signed cert though. Just pass the full cert chain to osquery with

--tls_server_certs

.

Thanks!!