Custom CA problem boot PXE
-
Hello everyone,
i tried to import my custom CA but i have a issue when i tried to boot on PXE
»Start PXE over IPu4.
Station IP address is 192.168.1.50
Server IP address is 192.168.1.1
NBP filename is ipse.efi
NBP filesize is 1115136 Bytes
Downloading NBP file…NBP file downloaded successfully.
iPXe initialising devices…autoexec. ipxe… Not found (
https://ipxe.org/2d12618e) WARNING: Using legacy NIC wrapper on 0c:0c:0c:0c:0c:0c
IPXE 1.21.1+ (g2194) – Open Source Network Boot Firmware – https://ipxe.org
Features: DNS FTP. HTTP HTTPS iSCSI NES TFTP VLAN SRP AOE EFI Menu Configuring (netodO:ad:08:e9:5a:b9) … ok Received DHCP answer on interface neto tftp://192.168.1.1/default-ipxe…ok
https://192.168.1.1/fog/service/ipxe/boot-php...Permission denied
https://ipxe.org/0216eaBf)
Could not boot: Permission denied (https://ipxe.org/0216eaBf)Chainloading failed, hit ‘s’ for the iPXE shell: reboot in 10 secondsWhen i do a buildipxe.sh before that finish i have this error :
[FINISH] bin-arm64-efi/ncm–ecm–axge.efi
rm bin-arm64-efi/version.ncm–ecm–axge.efi.o bin-arm64-efi/version.intel.efi.o bin-arm64-efi/version.snp.efi.o bin-arm64-efi/version.snponly.efi.o bin-arm64-efi/version.realtek.efi.o bin-arm64-efi/version.ipxe.efi.o
./buildipxe.sh: line 87: bin-arm64-efi/snp.efi: Permission deniedi read older topic people have same problem before but i dont understant how they fix this issue
i’m on Debian 12 lastest Fog Version
Thanks you for you anwser
-
My good, i found it !!!
i the default.ipxe i change the value for my FQDN of my DNS and that work’s !!!
i lost 2 days with this issue :V thanks you !
-
@NoIPName Can you get to
https://192.168.1.1/fogin a web browser without any cert is bad prompts?Because pxe wants to use the ip address in the url you have to have the ip address san in the certificate that your fog web server is using.
That cert for the web server needs to be from the custom ca.
That public cert can also affect client communication if you change it in the default path from fog install. -
@JJ-Fullmer Yep i can get in the website, i tried also curl the link too and no problem i have the content
I check everylog i have nothing else
-
My good, i found it !!!
i the default.ipxe i change the value for my FQDN of my DNS and that work’s !!!
i lost 2 days with this issue :V thanks you !
-
[[undefined-on, N NoIPName, ]]
-
[[undefined-on, N NoIPName, ]]
