I am with another problem. LOL. sorry. From the se...
# fleetj
juan
01/18/2023, 6:19 PMI am with another problem. LOL. sorry. From the server I am seeing this error. I do not understand what the problem is if the token is given to me by the page and it is the one that I am putting to generate the installer.
2023/01/18 15:16:59 http: TLS handshake error from 10.10.10.105:53475: local error: tls: bad record MACk
Kathy Satterlee
01/18/2023, 6:31 PMNo need to apologize! That error points to an issue with your certificate. Are you using a self-signed cert?
j
juan
01/18/2023, 6:51 PMyes
juan
01/18/2023, 6:53 PMI am following this tutorial. and everything works fine except the certificate. Could you give me an example that I'm a little green on the subject? https://fleetdm.com/docs/deploying/server-installation
juan
01/18/2023, 6:56 PMopenssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes \
-keyout /tmp/server.key -out /tmp/server.cert -subj "/CN=fleetdm" \
-addext "subjectAltName=DNS:10.10.10.76"
juan
01/18/2023, 6:58 PMThanks for the help. would I be missing something? Or am I making a mistake in the dns by putting the ip?
k
Kathy Satterlee
01/18/2023, 7:13 PMMake sure that the address you're passing when generating your certificate
Copy code
--fleet-url=<https://x.x.x.x:8080>subjectAltNamel
Lucas Rodriguez
01/18/2023, 7:14 PM2 cents: If you are using a self-signed cert, when generating the package you need to use the
--insecurefleetctl package [...] --insecureLucas Rodriguez
01/18/2023, 7:14 PM(This is not recommended for production deployments, but given you are using a self-signed certificate you are probably testing Fleet?)
j
juan
01/18/2023, 7:17 PMYeah. It is correct. I am testing with an internal ip. in my lab. sure is that. Now I add the option that you tell me to see how it works. Thank you!
2 Views