diff --git a/salt/fleet/init.sls b/salt/fleet/init.sls
index f3a844ff3..9986d40a9 100644
--- a/salt/fleet/init.sls
+++ b/salt/fleet/init.sls
@@ -30,6 +30,16 @@ fleetlogdir:
     - user: 939
     - group: 939
     - makedirs: True
+    
+fleetsetupscript:
+  file.managed:
+    - name: /opt/so/conf/fleet/so-fleet-setup.sh
+    - source: salt://fleet/so-fleet-setup.sh
+    
+osquerypackageswebpage:
+  file.managed:
+    - name: /opt/so/conf/fleet/packages/index.html
+    - source: salt://fleet/osquery-packages.html
 
 fleetdb:
   mysql_database.present:
diff --git a/salt/fleet/osquery-packages.html b/salt/fleet/osquery-packages.html
new file mode 100644
index 000000000..c94ba89b9
--- /dev/null
+++ b/salt/fleet/osquery-packages.html
@@ -0,0 +1,113 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<title>Security Onion - Hybrid Hunter</title>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<link rel="icon" type="image/png" href="favicon-32x32.png" sizes="32x32" />
+<link rel="icon" type="image/png" href="favicon-16x16.png" sizes="16x16" />
+<style>
+* {
+  box-sizing: border-box;
+  font-family: Arial, Helvetica, sans-serif;
+	padding-left: 30px;
+	padding right: 30px;
+}
+
+body {
+  font-family: Arial, Helvetica, sans-serif;
+	background-color: #2a2a2a;
+
+}
+a {
+	color: #f2f2f2;
+	text-align: left;
+	padding: 0px;
+}
+/* Style the top navigation bar */
+.topnav {
+  overflow: hidden;
+  background-color: #333;
+	width: 1080px;
+}
+
+/* Style the topnav links */
+.topnav a {
+  float: left;
+  display: block;
+  color: #f2f2f2;
+  text-align: center;
+  padding: 14px 16px;
+  text-decoration: none;
+}
+
+/* Change color on hover */
+.topnav a:hover {
+  background-color: #ddd;
+  color: black;
+}
+
+/* Style the content */
+.content {
+  background-color: #2a2a2a;
+  padding: 10px;
+	padding-top: 20px;
+	padding-left: 60px;
+	color: #E3DBCC;
+	width: 1080px;
+}
+
+/* Style the footer */
+.footer {
+  background-color: #2a2a2a;
+  padding: 60px;
+	color: #E3DBCC;
+	width: 1080px;
+}
+</style>
+</head>
+<body>
+
+<div class="topnav">
+  <a href="/kibana/" target="_blank">Kibana</a>
+  <a href="/grafana/" target="_blank">Grafana</a>
+  <a href="/fleet/" target="_blank">Fleet</a>
+	<a href="/thehive/" target="_blank">TheHive</a>
+	<a href="/packages/" target="_blank">Osquery Binaries</a>
+	<a href="https://github.com/Security-Onion-Solutions/securityonion-saltstack/wiki/FAQ" target="_blank">FAQ</a>
+	<a href="https://www.securityonionsolutions.com" target="_blank">Security Onion Solutions</a>
+	<a href="https://blog.securityonion.net" target="_blank">Blog</a>
+</div>
+
+<div class="content">
+
+	<p><center><h1>Osquery Packages</h1></center><br>
+
+              <h2>Notes</h2>
+                <ul>
+                        <li>These packages are customized for this specific Fleet install and will only be generated after the Fleet setup script has been run. If you want vanilla osquery packages, you can get them directly from <a href="https://osquery.io/downloads">osquery.io</a></li>
+                        <li>Packages are not signed.</li>
+	       	</ul>
+		<BR> <h2>Downloads</h2>
+                <ul>
+
+Generated: N/A
+                       <BR><BR>Packages:
+			<li><a href="/packages/launcher.msi" download="msi-launcher.msi">MSI (Windows)</a></li>
+                        <li><a href="/packages/launcher.deb" download="deb-launcher.deb">DEB (Debian)</a></li>
+                        <li><a href="/packages/launcher.rpm" download="rpm-launcher.rpm">RPM (RPM)</a></li>
+			<BR><BR>Config Files:
+	                <li><a href="/packages/launcher.flags" download="launcher.flags.txt">RPM & DEB Flag File</a></li>
+			 <li><a href="/packages/launcher-msi.flags" download="launcher-msi.flags.txt">MSI Flag File</a></li>
+		</ul>
+
+		<BR><h2>Known Issues</h2>
+		<ul>
+			<li>None</li>
+		</ul>
+	</p>
+</div>
+
+
+</body>
+</html>
diff --git a/salt/fleet/so-fleet-setup.sh b/salt/fleet/so-fleet-setup.sh
new file mode 100644
index 000000000..64d7fe435
--- /dev/null
+++ b/salt/fleet/so-fleet-setup.sh
@@ -0,0 +1,35 @@
+#so-fleet-setup.sh $MasterIP $FleetEmail
+
+if [ ! "$(docker ps -q -f name=so-fleet)" ]; then
+        echo "so-fleet container not running... Exiting..."
+        exit 1 
+fi
+
+initpw=$(date +%s | sha256sum | base64 | head -c 16 ; echo)
+
+docker exec so-fleet fleetctl config set --address https://$1:443 --tls-skip-verify        
+docker exec so-fleet fleetctl setup --email $2 --password $initpw
+
+docker exec so-fleet fleetctl apply -f /packs/palantir/Fleet/Endpoints/options.yaml
+docker exec so-fleet fleetctl apply -f /packs/palantir/Fleet/Endpoints/MacOS/osquery.yaml
+docker exec so-fleet fleetctl apply -f /packs/palantir/Fleet/Endpoints/Windows/osquery.yaml
+docker exec so-fleet fleetctl apply -f /packs/hh/hhdefault.yml
+
+esecret=$(sudo docker exec so-fleet fleetctl get enroll-secret)
+
+#Concat fleet.crt & ca.crt  - this is required for launcher connectivity
+cat /etc/pki/fleet.crt /etc/pki/ca.crt > /etc/pki/fleet-launcher.crt
+
+#Create the output directory
+mkdir /opt/so/conf/fleet/packages
+
+docker run \
+  --mount type=bind,source=/opt/so/conf/fleet/packages,target=/output \
+  --mount type=bind,source=/etc/pki/fleet-launcher.crt,target=/var/launcher/launcher.crt \
+  defensivedepth/hh-launcher "$esecret" "$1":8080
+
+#Update timestamp on packages webpage
+sed -i "s@.*Generated.*@Generated: $(date '+%m%d%Y')@g" /opt/so/conf/fleet/packages/index.html
+
+echo "Fleet Setup Complete - Login here: https://$1"
+echo "Your username is $2 and your password is $initpw"
diff --git a/salt/ssl/init.sls b/salt/ssl/init.sls
index a2d2b613f..841fc32ff 100644
--- a/salt/ssl/init.sls
+++ b/salt/ssl/init.sls
@@ -1,4 +1,5 @@
 {% set master = salt['grains.get']('master') %}
+{%- set masterip = salt['pillar.get']('static:masterip', '') -%}
 
 # Trust the CA
 
@@ -109,6 +110,7 @@ fbcrtlink:
   x509.certificate_managed:
     - signing_private_key: /etc/pki/fleet.key
     - CN: {{ master }}
+    - subjectAltName: DNS:{{ master }},IP:{{ masterip }}
     - days_remaining: 0
     - days_valid: 3650
     - backup: True