https://github.com/osquery/osquery logo
Powered by
#windows
Title
# windows
j

Jerome

11/12/2019, 11:12 AM
hello, I have an issue when I want to use parameter 
--tls_server_certs
. This is working when I use it directly in the command line but when I use through the flag file and the parameter 
--flagfile
I have the error:
Copy code
Cannot read TLS server certificate(s): "C:\Program Files\osquery\kolide_self.crt"
Is there a bug?
if I do 
.\osqueryd.exe --flagfile="C:\Program Files\osquery\osquery.flags" --tls_server_certs="C:\\Program Files\\osquery\\kolide_self.crt"
this also working
a

Andrea

11/12/2019, 12:49 PM
I guess the path to your certificate is double quoted on osquery.flags. Remove those quotes
you don't need them
s

seph

11/12/2019, 12:59 PM
I suspect there's an issue passing paths with spaces. Not sure if it's in the flags command line, or in that file. But spaces in file names has been a surprisingly confusing windows issue
j

Jerome

11/12/2019, 1:26 PM
that was the quotes in the file 
osquery.flags
. I removed them and it works.
👍 2
but that's a bit weird because I also have 
--enroll_secret_path="C:\\Program Files\\osquery\\enroll_secret"
and it works from command line and from the 
osquery.flags
with the quotes
thank you for the help anyway
t

theopolis

11/12/2019, 3:08 PM
I think this is a nuance of gflags-parsing and the shell parameters. Quoting things is typically a shell-requirement since spaces are delimiters. The gflags library uses newlines as delimiters in the flagfile. Since flagfile parsing is internal to gflags we have little opportunity to 'sanitize', for example pre-process and remove the 
"
characters. We could find a way to document this expectation better.
s

seph

11/12/2019, 3:29 PM
quoting in windows is also just super confusing. Quote characters are inconsistent between powershell and cmd.exe.
4 Views
Powered by