• Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
  • Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

win10 1909 fogserver 1.5.7 debian (might have screwed something up?)

Scheduled Pinned Locked Moved Solved
Windows Problems
2
6
485
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • P
    p4cm4n
    last edited by Dec 27, 2019, 1:35 PM

    for whatever reason - when i have been deploying 1909 the following appears in the log:
    RSA FOG Server CA cert found
    RSA ERROR Certificate validation failed
    RSA ERROR Trust Chain did not complete to the known authority anchor. Errors: The signature of the certificate cannot be verified. NotSignatureValid
    Authentication ERROR Could not authenticate
    Authentication ERROR Certificate is not from FOG CA

    This could be something I messed up as I haven’t prepped my images since 1903 over the summer. Workflow is as follows:
    Created base 1909 in ESXi, installed scripts and such.
    Ran FOG installation, set service to disabled, injected firstlogin script to run installation again, with all quiet batch strings.
    Sysprep.
    Capture image, then deploy to new machine.
    Machine boots, script runs and installs fog successfully. Starts service. Error above appears.

    This hasn’t happened on my previous images.

    1 Reply Last reply Reply Quote 0
    • S
      Sebastian Roth Moderator
      last edited by Dec 28, 2019, 2:18 PM

      @p4cm4n May I ask if you use the exact same FOG server that you ever have or did you switch to a different server at some point??

      Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

      Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

      1 Reply Last reply Reply Quote 0
      • P
        p4cm4n
        last edited by p4cm4n Dec 28, 2019, 9:39 PM Dec 29, 2019, 3:37 AM

        i have many - one at most of the sites i support.

        the one at the site i created the original image ( home ) is 1.5.6, most of my sites are 1.5.6. i have not changed them any time recently.
        in fact, the one where i noticed this was a brand new install that day of 1.5.7.

        could it be that pre-image, when i installed fog, it has some sort of file in a local directory that doesn’t get replaced when fog gets reinstalled?
        i’d thought this be possible but typically reinstalling the client fixes the issue anyways. since my first run script does that, i’ve been confused.

        1 Reply Last reply Reply Quote 0
        • S
          Sebastian Roth Moderator
          last edited by Sebastian Roth Dec 29, 2019, 2:36 AM Dec 29, 2019, 8:33 AM

          @p4cm4n said in win10 1909 fogserver 1.5.7 debian (might have screwed something up?):

          could it be that pre-image, when i installed fog, it has some sort of file in a local directory that doesn’t get replaced when fog gets reinstalled?
          i’d thought this be possible but typically reinstalling the client fixes the issue anyways. since my first run scriphttps://forums.fogproject.org/topic/12119/domain-join-not-working/14t does that, i’ve been confused.

          Yes and yes. When installing the fog-client it pulls the FOG server SSL certificate from the server it is configured to talk to. Now if you change the configuration of the client to talk to a different server later on it will fail! But as you say your first run script would do a re-install anyway this shouldn’t be a problem.

          FOG server version should not plhttps://forums.fogproject.org/topic/12119/domain-join-not-working/14ay a role. As long as you don’t re-run the installer using the command line switch to re-issue a new FOG Server CA (-C) there should not be a problem. On the client where you see the issue, you might want to take a look at the Windows certificate store. Find the “FOG Server CA” cert and note down the thumbprint. Now on your FOG server run the following commands and compare all the thumbprints:

          openssl x509 -noout  -fingerprint -sha1 -inform pem -in /opt/fog/snapins/ssl/CA/.fogCA.pem 
          openssl x509 -noout  -fingerprint -sha1 -inform pem -in /var/www/html/fog/management/other/ca.cert.pem
          

          Also see my last posts here: https://forums.fogproject.org/topic/12870/web-interface-slowdown-and-fog-client-authentication-issues

          Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

          Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

          P 1 Reply Last reply Dec 30, 2019, 3:57 PM Reply Quote 0
          • P
            p4cm4n @Sebastian Roth
            last edited by Dec 30, 2019, 3:57 PM

            @Sebastian-Roth i apologize for the assumptions.

            after further reviewing, and testing - it seems that for whatever reason, my scripts are not running at boot.

            it is trying to find the old server, and the new installation never happens - just the enabling of the service - hence the errors i’ve been seeing.

            not sure why, but win10 1909 is causing it for some reason. might be the computers and their speed but i don’t think so. i’m testing more.

            bottom line - it is not a fog issue.
            thanks for your assistance however.

            1 Reply Last reply Reply Quote 0
            • S
              Sebastian Roth Moderator
              last edited by Dec 30, 2019, 8:29 PM

              @p4cm4n Good to hear it’s not caused by the fog-client. Keeping my fingers crossed that you find what broke the install on 1909 soon! Please let us know what you find.

              Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

              Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

              1 Reply Last reply Reply Quote 0
              • 1 / 1
              1 / 1
              • First post
                3/6
                Last post

              150

              Online

              12.0k

              Users

              17.3k

              Topics

              155.2k

              Posts
              Copyright © 2012-2024 FOG Project