Title
#kolide
m

Michael Cervantez

05/14/2019, 10:13 PM
Hey guys is there a known issue with using letsencrypt certificates with Kolide Fleet?
zwass

zwass

05/14/2019, 10:14 PM
Many folks have done so successfully
m

Michael Cervantez

05/14/2019, 10:14 PM
Ah ok probably doing something wrong then
zwass

zwass

05/14/2019, 10:15 PM
Does the CN on the cert match the hostname osquery is using?
m

Michael Cervantez

05/14/2019, 10:18 PM
It does which is bizarre
g

groob

05/14/2019, 10:22 PM
make sure you’re starting fleet with any required intermediary/roots in the .pem file
10:22 PM
not just the leaf
10:23 PM
(if you follow the same instructions for fleet as you would with nginx you’ll be good)
Jams

Jams

05/15/2019, 1:20 AM
Add the TrustID X3 Root to the fullchain.pem generated by Let’s Encrypt. Details here: https://letsencrypt.org/certificates/
m

Michael Cervantez

05/15/2019, 3:10 AM
Thank you that solved the issue