• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    win10 1909 fogserver 1.5.7 debian (might have screwed something up?)

    Scheduled Pinned Locked Moved Solved
    Windows Problems
    2
    6
    485
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      p4cm4n
      last edited by

      for whatever reason - when i have been deploying 1909 the following appears in the log:
      RSA FOG Server CA cert found
      RSA ERROR Certificate validation failed
      RSA ERROR Trust Chain did not complete to the known authority anchor. Errors: The signature of the certificate cannot be verified. NotSignatureValid
      Authentication ERROR Could not authenticate
      Authentication ERROR Certificate is not from FOG CA

      This could be something I messed up as I haven’t prepped my images since 1903 over the summer. Workflow is as follows:
      Created base 1909 in ESXi, installed scripts and such.
      Ran FOG installation, set service to disabled, injected firstlogin script to run installation again, with all quiet batch strings.
      Sysprep.
      Capture image, then deploy to new machine.
      Machine boots, script runs and installs fog successfully. Starts service. Error above appears.

      This hasn’t happened on my previous images.

      1 Reply Last reply Reply Quote 0
      • S
        Sebastian Roth Moderator
        last edited by

        @p4cm4n May I ask if you use the exact same FOG server that you ever have or did you switch to a different server at some point??

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        1 Reply Last reply Reply Quote 0
        • P
          p4cm4n
          last edited by p4cm4n

          i have many - one at most of the sites i support.

          the one at the site i created the original image ( home ) is 1.5.6, most of my sites are 1.5.6. i have not changed them any time recently.
          in fact, the one where i noticed this was a brand new install that day of 1.5.7.

          could it be that pre-image, when i installed fog, it has some sort of file in a local directory that doesn’t get replaced when fog gets reinstalled?
          i’d thought this be possible but typically reinstalling the client fixes the issue anyways. since my first run script does that, i’ve been confused.

          1 Reply Last reply Reply Quote 0
          • S
            Sebastian Roth Moderator
            last edited by Sebastian Roth

            @p4cm4n said in win10 1909 fogserver 1.5.7 debian (might have screwed something up?):

            could it be that pre-image, when i installed fog, it has some sort of file in a local directory that doesn’t get replaced when fog gets reinstalled?
            i’d thought this be possible but typically reinstalling the client fixes the issue anyways. since my first run scriphttps://forums.fogproject.org/topic/12119/domain-join-not-working/14t does that, i’ve been confused.

            Yes and yes. When installing the fog-client it pulls the FOG server SSL certificate from the server it is configured to talk to. Now if you change the configuration of the client to talk to a different server later on it will fail! But as you say your first run script would do a re-install anyway this shouldn’t be a problem.

            FOG server version should not plhttps://forums.fogproject.org/topic/12119/domain-join-not-working/14ay a role. As long as you don’t re-run the installer using the command line switch to re-issue a new FOG Server CA (-C) there should not be a problem. On the client where you see the issue, you might want to take a look at the Windows certificate store. Find the “FOG Server CA” cert and note down the thumbprint. Now on your FOG server run the following commands and compare all the thumbprints:

            openssl x509 -noout  -fingerprint -sha1 -inform pem -in /opt/fog/snapins/ssl/CA/.fogCA.pem 
            openssl x509 -noout  -fingerprint -sha1 -inform pem -in /var/www/html/fog/management/other/ca.cert.pem
            

            Also see my last posts here: https://forums.fogproject.org/topic/12870/web-interface-slowdown-and-fog-client-authentication-issues

            Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

            Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

            P 1 Reply Last reply Reply Quote 0
            • P
              p4cm4n @Sebastian Roth
              last edited by

              @Sebastian-Roth i apologize for the assumptions.

              after further reviewing, and testing - it seems that for whatever reason, my scripts are not running at boot.

              it is trying to find the old server, and the new installation never happens - just the enabling of the service - hence the errors i’ve been seeing.

              not sure why, but win10 1909 is causing it for some reason. might be the computers and their speed but i don’t think so. i’m testing more.

              bottom line - it is not a fog issue.
              thanks for your assistance however.

              1 Reply Last reply Reply Quote 0
              • S
                Sebastian Roth Moderator
                last edited by

                @p4cm4n Good to hear it’s not caused by the fog-client. Keeping my fingers crossed that you find what broke the install on 1909 soon! Please let us know what you find.

                Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                1 Reply Last reply Reply Quote 0
                • 1 / 1
                • First post
                  Last post

                155

                Online

                12.0k

                Users

                17.3k

                Topics

                155.2k

                Posts
                Copyright © 2012-2024 FOG Project