• Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
  • Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

Does FOG Support HTTPS Network boot and image installation

Scheduled Pinned Locked Moved
General
3
3
219
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    michaelkoch1811
    last edited by Aug 6, 2024, 2:48 PM

    Is it possible to use IPXE HTTPS or UEFI HTTPS Network boot with Fog Project, because most of the communication or completely should be encrypted.
    Or how do you have to configure this.
    Unfortunately, I have not yet found any instructions in the documentation.
    Of course, it is also necessary to import the certificates or install IPXE on the client side.
    Perhaps I have overlooked something and would like some clarification.
    It is possible to start the installation remotely once the device has been registered on the server, e.g. during an image update. Or do you have to physically access it every time.

    G 1 Reply Last reply Aug 6, 2024, 10:29 PM Reply Quote 0
    • G
      george1421 Moderator @michaelkoch1811
      last edited by Aug 6, 2024, 10:29 PM

      @michaelkoch1811 with the proper command line switches (sorry I can’t remember off the top of my head) the fog installer will create a self signed certificate, setup the web server and recompile ipxe with the ssl certificate. Then FOG will use ssl for communications. You can not bring your own certificate, it will need to be a fog installer created self signed certificate.

      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

      T 1 Reply Last reply Aug 7, 2024, 10:15 AM Reply Quote 0
      • T
        Tom Elliott @george1421
        last edited by Aug 7, 2024, 10:15 AM

        @george1421 That’s true if using the fog installer to handle it.

        @michaelkoch1811 There are methods to rebuild the binaries using your own binaries of course.

        in the fogproject folder (where you normally run an installer) there’s a file under:
        utils/FOGiPXE called buildipxe.sh

        if you call this script with your <path/to/your/certificate.pem> it should build the ipxe binaries with your custom certificate.

        ./buildipxe.sh path/to/your/certificate.pem
        

        By default it will try to use the CA pem we generated for FOG at install.

        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        1 Reply Last reply Reply Quote 0
        • 1 / 1
        1 / 1
        • First post
          1/3
          Last post

        151

        Online

        12.0k

        Users

        17.3k

        Topics

        155.2k

        Posts
        Copyright © 2012-2024 FOG Project