fbone
02/04/2020, 8:22 PMjackjack
02/04/2020, 9:06 PMzwass
fbone
02/04/2020, 9:10 PMzwass
--tls_dump
on which it looks like you do then osquery will show what it is actually sending. If that is an empty string it means osquery is unable to read it.fbone
02/04/2020, 9:11 PMjackjack
02/04/2020, 9:23 PMtls_dump
doesn’t really tell us what secret is sending, just telling us it’s invalid enroll secretseph
osqueryi
.