So just to be clear this is the page I am not able...
# kolidee
eli_pro
01/03/2019, 10:12 PMSo just to be clear this is the page I am not able to download the server certificate from. Tried changing URL to server ip address, public ip address and what I think is my fqdn but still no luck.
eli_pro
01/03/2019, 10:13 PM@zwass Thank you for answering me earlier questions.
z
zwass
01/03/2019, 10:15 PM
Just use the certificate file that you are providing to the server
e
eli_pro
01/03/2019, 10:42 PM@zwass any idea if this is bc of my URL or tls?
z
zwass
01/04/2019, 12:09 AM
This looks like you provided an incorrect URL in the osqueryd configuration. Connection refused usually means there is no server listening at that address/port.
👍 1
e
eli_pro
01/04/2019, 2:02 PMOk. Will troubleshoot. Thank you.
eli_pro
01/04/2019, 4:38 PM@zwass So I checked my fqnd and did a ping -a from another server and its getting recognized. This is how i have my URL set My fqdn is me.mylabserver.com so I have my URL as https://me.mylabserver.com
eli_pro
01/04/2019, 4:39 PMNot sure if this warning has to do with my clients not connecting to server.
eli_pro
01/04/2019, 4:59 PMeli_pro
01/04/2019, 4:59 PMeli_pro
01/04/2019, 5:03 PM@groob Appreciate you guys help. Thank you.
g
groob
01/04/2019, 5:04 PM
it says connection refused. is your server up?
e
eli_pro
01/04/2019, 5:08 PMyes, its running.
g
groob
01/04/2019, 5:09 PM
your server is running on port 8080 but you’re connecting to port 443
e
eli_pro
01/04/2019, 5:22 PMThats true. Let me change that.
eli_pro
01/04/2019, 5:23 PMeli_pro
01/04/2019, 5:23 PMg
groob
01/04/2019, 5:25 PM
now it’s timing out but that looks like an issue on your end again. i’m not sure why that would be
e
eli_pro
01/04/2019, 5:27 PMThe server seem to recognize it.
g
groob
01/04/2019, 5:28 PM
all the logs are showing me are from the frontend requests
e
eli_pro
01/04/2019, 5:33 PMOk I see.
eli_pro
01/04/2019, 5:34 PMI m not sure why kolide isn't working for me. Not sure what I am doing wrong. We were planning on using it on about 6000 units.
g
groob
01/04/2019, 5:35 PM
is it always timing out?
groob
01/04/2019, 5:35 PM
or are you getting other error messages?
groob
01/04/2019, 5:36 PM
can you show me the output of
curl -v <https://your-fleet-server:8080/healthz>e
eli_pro
01/04/2019, 5:40 PMg
groob
01/04/2019, 5:40 PM
so osquery is not the problem
groob
01/04/2019, 5:41 PM
firewall issue? something else?
groob
01/04/2019, 5:41 PM
try restarting fleet
e
eli_pro
01/04/2019, 5:41 PMok. copy.
eli_pro
01/04/2019, 5:43 PMglad we can rule out osquery as problem.
g
groob
01/04/2019, 5:43 PM
the issue is 100% your environment. not osquery and not fleet
e
eli_pro
01/04/2019, 5:47 PMWas afraid that would be the case.
g
groob
01/04/2019, 5:47 PM
are you still able to connect through the browser?
e
eli_pro
01/04/2019, 5:56 PMI am just able to get here in browser. Add new host just give the enroll secret and certificate and link to using launcher or osquery by itself.
g
groob
01/04/2019, 5:56 PM
you’re connecting to
localhostgroob
01/04/2019, 5:57 PM
whatever you’re doing your’re not exposing fleet to be reachable outside of that VM
groob
01/04/2019, 5:57 PM
do you have someone on your networking team or someone with web service experience who can help you troubleshoot?
e
eli_pro
01/04/2019, 6:05 PMyes I ll check with my team to help me with that part.
eli_pro
01/04/2019, 6:06 PMbut glad to know I am following the directions the way they were meant. I ll check with team and hopefully we are able to resolve environment issues. Thank you for all your help.
eli_pro
01/04/2019, 8:58 PM@groob You were 100% correct. It was firewall. Issue resolved. Thank you once again.
👍 1