client server token issues.
-
I am having issues with the latest working branch rev 64
for some reason the client will no longer communicate with the server, I get the following in the fog.log------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 10/17/2017 1:17 PM Client-Info Version: 0.11.12 10/17/2017 1:17 PM Client-Info OS: Windows 10/17/2017 1:17 PM Middleware::Authentication Waiting for authentication timeout to pass 10/17/2017 1:17 PM Middleware::Communication Download: http://10fogserver/fog/management/other/ssl/srvpublic.crt 10/17/2017 1:17 PM Data::RSA FOG Server CA cert found 10/17/2017 1:17 PM Middleware::Authentication Cert OK 10/17/2017 1:17 PM Middleware::Authentication ERROR: Could not get security token 10/17/2017 1:17 PM Middleware::Authentication ERROR: Could not find file 'C:\Program Files (x86)\FOG\token.dat'. 10/17/2017 1:17 PM Middleware::Communication POST URL: http://10fogserver/fog/management/index.php?sub=requestClientInfo&authorize&newService 10/17/2017 1:17 PM Middleware::Response Failed to decrypt data -
@sebastian-roth I don’t know how that happened but I copied the srvpublic.crt from a backup and it is fixed.
Thanks for all the help
-
Moved to bug reports as it looks like an issue on the server side from what I see so far. Thanks for reporting. We’ll look into this soon.
@Tom-Elliott Something that changed in the PHP code that could cause this?
-
Nope. Nothing. I’ve been working with Greg most of the day on this. His last working version was 57 (67cd9e). However, this issue still occurs on this version as well, now.
-
@Tom-Elliott Could we possibly can get a
tcpdumpof the traffic when this happens? Just runsudo tcpdump -w /tmp/client-foo.pcap host x.x.x.x… -
@Tom-Elliott Ok, just had a look at the PCAP (thanks for that!). Looks like the client does send “proper looking” data but the server is not able to handle it.
@Greg-Plamondon Possibly that’s because client and server time differ too much? Please check to see if those match up (at the most ten seconds difference).
Is this a fairly new install (certs created when?) or an old one?
-
@sebastian-roth The times are synced with 0.pool.ntp.org and are spot on.
This installation is atleast 2-3 years old -
@Greg-Plamondon Ok, just wanted to make sure time is not an issue. Please run the following commands on the FOG server terminal and post output here:
openssl x509 -dates -noout -in /var/www/fog/management/other/ssl/srvpublic.crt openssl x509 -dates -noout -in /var/www/fog/management/other/ca.cert.pem -
@sebastian-roth said in client server token issues.:
openssl x509 -dates -noout -in /var/www/fog/management/other/ssl/srvpublic.crt
openssl x509 -dates -noout -in /var/www/fog/management/other/ca.cert.pemroot@10fogserver:~ $ openssl x509 -dates -noout -in /var/www/fog/management/other/ssl/srvpublic.crt notBefore=Oct 17 16:56:23 2017 GMT notAfter=Oct 15 16:56:23 2027 GMT root@10fogserver:~ $ openssl x509 -dates -noout -in /var/www/fog/management/other/ca.cert.pem notBefore=Jul 19 22:30:11 2016 GMT notAfter=Jul 17 22:30:11 2026 GMT -
-
@sebastian-roth I don’t know how that happened but I copied the srvpublic.crt from a backup and it is fixed.
Thanks for all the help