Channels
  • d

    Dhruv Rathod

    7 months ago
    hi all! is there any doc/demonstration about how OSquery enrollment for TLS communication works? like how are the secret file and certificates verified, etc.?
  • Mike Myers

    Mike Myers

    7 months ago
    there's just this https://osquery.readthedocs.io/en/latest/deployment/remote/#simple-shared-secret-enrollment but if you have specific questions maybe they can be answered here
  • d

    Dhruv Rathod

    7 months ago
    oh I think this answers my question, but just to be sure, when osquery provides the correct enrollment secret to the server, the server sends a
    NODE_KEY
    back, right? which means that the validation was successful?
    and the node_key can be used for future authentication too as I understand
  • Mike Myers

    Mike Myers

    7 months ago
    @Stefano Bonicatti do you know? I'm not that familiar with this part
  • Stefano Bonicatti

    Stefano Bonicatti

    7 months ago
    Yes, it’s correct; also if the node key sent back to the server by osquery is incorrect, osquery then receives a response with
    node_invalid: true
    and will attempt to re-enroll