Hey guys is there a known issue with using letsenc...
# kolidem
Michael Cervantez
05/14/2019, 10:13 PMHey guys is there a known issue with using letsencrypt certificates with Kolide Fleet?
z
zwass
05/14/2019, 10:14 PM
Many folks have done so successfully
m
Michael Cervantez
05/14/2019, 10:14 PMAh ok probably doing something wrong then
z
zwass
05/14/2019, 10:15 PM
Does the CN on the cert match the hostname osquery is using?
m
Michael Cervantez
05/14/2019, 10:18 PMIt does which is bizarre
g
groob
05/14/2019, 10:22 PM
make sure you’re starting fleet with any required intermediary/roots in the .pem file
groob
05/14/2019, 10:22 PM
not just the leaf
groob
05/14/2019, 10:23 PM
(if you follow the same instructions for fleet as you would with nginx you’ll be good)
👍 1
j
Jams
05/15/2019, 1:20 AMAdd the TrustID X3 Root to the fullchain.pem generated by Let’s Encrypt. Details here: https://letsencrypt.org/certificates/
m
Michael Cervantez
05/15/2019, 3:10 AMThank you that solved the issue