Problem with certificate and multiple installation

LaurentB

Hi all !
I have a problem with fog…
I want to use it for the snapin function, so i install a first version (1.5.0 in debian) in a virtual environment, AND i start deploying my fog client on computers in my domain.
After that, i had performance problem with the server, so i made a new installation.
Again i had performance problem and, this time, i install a new physical server with latest version (fog 1.5.2 and Ubuntu 18.04 LTS).

I create new snapin task BUT it only works on a few computers…

I searched why and on the customers who don’t work i have this error in the fog.log :

------------------------------------------------------------------------------
----------------------------------UserTracker---------------------------------
------------------------------------------------------------------------------
 25/05/2018 10:14 Client-Info Client Version: 0.11.16
 25/05/2018 10:14 Client-Info Client OS:      Windows
 25/05/2018 10:14 Client-Info Server Version: 1.5.2
 25/05/2018 10:14 Middleware::Response ERROR: Unable to get subsection
 25/05/2018 10:14 Middleware::Response ERROR: La référence d'objet n'est pas définie à une instance d'un objet.
 25/05/2018 10:14 Service Sleeping for 81 seconds
 25/05/2018 10:15 Middleware::Communication URL: http://srv-fog1-n0/fog/management/index.php?sub=requestClientInfo&configure&newService&json
 25/05/2018 10:15 Middleware::Response Success
 25/05/2018 10:15 Middleware::Communication URL: http://srv-fog1-n0/fog/management/index.php?sub=requestClientInfo&mac=B0:83:FE:B7:49:D0||00:00:00:00:00:00:00:E0&newService&json
 25/05/2018 10:15 Middleware::Authentication Waiting for authentication timeout to pass
 25/05/2018 10:16 Middleware::Communication Download: http://srv-fog1-n0/fog/management/other/ssl/srvpublic.crt
 25/05/2018 10:16 Data::RSA FOG Server CA cert found
 25/05/2018 10:16 Data::RSA ERROR: Certificate validation failed
 25/05/2018 10:16 Data::RSA ERROR: Trust chain did not complete to the known authority anchor. Errors: La signature du certificat ne peut pas être vérifiée. (NotSignatureValid)
 25/05/2018 10:16 Middleware::Authentication ERROR: Could not authenticate
 25/05/2018 10:16 Middleware::Authentication ERROR: Certificate is not from FOG CA
 25/05/2018 10:16 Middleware::Response Success
 25/05/2018 10:16 Middleware::Communication URL: http://srv-fog1-n0/fog/service/getversion.php?clientver&newService&json
 25/05/2018 10:16 Middleware::Communication URL: http://srv-fog1-n0/fog/service/getversion.php?newService&json

 25/05/2018 10:16 Service Creating user agent cache
 25/05/2018 10:16 Middleware::Response ERROR: Unable to get subsection
 25/05/2018 10:16 Middleware::Response ERROR: La référence d'objet n'est pas définie à une instance d'un objet.
 25/05/2018 10:16 Middleware::Response ERROR: Unable to get subsection
 25/05/2018 10:16 Middleware::Response ERROR: La référence d'objet n'est pas définie à une instance d'un objet.
 25/05/2018 10:16 Middleware::Response ERROR: Unable to get subsection
 25/05/2018 10:16 Middleware::Response ERROR: La référence d'objet n'est pas définie à une instance d'un objet.

From the information I found, I THINK, I have a certificate problem…

I try to use the command :

mysql
use fog
UPDATE hosts SET hostPubKey="", hostSecToken="", hostSecTime="2018-05-24 16:36:00"

But i still have the problem…

My previous virtual servers are totally deleted and not backed up (I don’t think I needed them) so I can’t recover older files.

I can not reinstall the fog client because there is really too much…

I don’t know what to do !

help me obi wan kenobi, you’re my only hope

Sebastian Roth

Might ask @joe-schmitt about this. He might know hot to help.

Joe Schmitt

@LaurentB unfortunately, once a client installation occurs, it “locks itself” into the server you first point it at. If you had the old server available, I’d recommend doing: https://wiki.fogproject.org/wiki/index.php?title=FOG_Client#Maintain_Control_Of_Hosts_When_Building_New_Server.

Now, since you don’t have the old server(s), you will have to uninstall, and then install each client. However, if the machines are bound to an Active Directory domain, you should be able to automate this with a simple batch script, and deploy it via GPO.

LaurentB

Thanks a @Joe-Schmitt I was afraid of that answer …
So let’s go scripting i will made a fresh install !

LaurentB

It looks better afin reinstall of the clients !

I had to do several times the mysql command :

UPDATE hosts SET hostPubKey="", hostSecToken="", hostSecTime="2018-05-29 09:47:07";

BUT it works.

Thanks.

NB : i don’t know how to mark the topic as “solved”