search

clong / DetectionLab

Automate the creation of a lab environment complete with security tooling and logging best practices
MIT License
4.64k stars 987 forks source link

kolide cert expired #176

Closed n0way0ut closed 5 years ago

n0way0ut commented 5 years ago

Description of the issue:

CONNECTED(00000003) depth=0 CN = kolide verify error:num=18:self signed certificate verify return:1 depth=0 CN = kolide verify error:num=10:certificate has expired notAfter=Nov 1 20:10:21 2018 GMT verify return:1 depth=0 CN = kolide notAfter=Nov 1 20:10:21 2018 GMT verify return:1

clong commented 5 years ago

Hmm I'm not sure this is worth fixing because the cert being used is self-signed and doesn't validate properly anyways. Does Chrome completely block you from accessing the Kolide panel because of this or is it just throwing up a warning?

clong commented 5 years ago

Verified this is non-blocking. Won't fix.

n0way0ut commented 5 years ago

I think that osqueryd is failing to connect to kolide because of this, that is my concern.

clong commented 5 years ago

Ah yes, after testing a bit more last night I did come to that realization. This should be fixed in https://github.com/clong/DetectionLab/pull/177. The cert shouldn't expire for 1000 days (by which point I assume I will probably no longer be maintaining this project)

n0way0ut commented 5 years ago

who knows? :D