Apache2 restart failed after trunk update
-
Now getting this from all clients:
2/29/2016 6:19 PM Middleware::Communication Response: Invalid host certificate 2/29/2016 6:19 PM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 2/29/2016 6:19 PM Data::RSA FOG Server CA cert found 2/29/2016 6:19 PM Middleware::Authentication Cert OK 2/29/2016 6:19 PM Middleware::Communication POST URL: http://fog-server/fog/management/index.php?sub=authorize 2/29/2016 6:20 PM Middleware::Communication Response: Success 2/29/2016 6:20 PM Middleware::Authentication Authenticated 2/29/2016 6:20 PM Middleware::Communication URL: http://fog-server/fog/service/jobs.php?mac=B6:AE:2B:EB:6E:CD|00:0A:CD:2A:4D:A6|B4:AE:2B:EB:6F:CC|B4:AE:2B:EB:6F:CD||00:00:00:00:00:00:00:E0&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1 2/29/2016 6:20 PM Middleware::Communication Response: Invalid host certificate 2/29/2016 6:20 PM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 2/29/2016 6:20 PM Data::RSA FOG Server CA cert found 2/29/2016 6:20 PM Middleware::Authentication Cert OK 2/29/2016 6:20 PM Middleware::Communication POST URL: http://fog-server/fog/management/index.php?sub=authorize 2/29/2016 6:20 PM Middleware::Communication Response: Success 2/29/2016 6:20 PM Middleware::Authentication Authenticated 2/29/2016 6:20 PM Middleware::Communication URL: http://fog-server/fog/service/jobs.php?mac=B6:AE:2B:EB:6E:CD|00:0A:CD:2A:4D:A6|B4:AE:2B:EB:6F:CC|B4:AE:2B:EB:6F:CD||00:00:00:00:00:00:00:E0&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1 2/29/2016 6:20 PM Middleware::Communication Response: Invalid host certificate 2/29/2016 6:20 PM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 2/29/2016 6:20 PM Data::RSA FOG Server CA cert found 2/29/2016 6:20 PM Middleware::Authentication Cert OK 2/29/2016 6:20 PM Middleware::Communication POST URL: http://fog-server/fog/management/index.php?sub=authorize 2/29/2016 6:20 PM Middleware::Communication Response: Success 2/29/2016 6:20 PM Middleware::Authentication Authenticated 2/29/2016 6:20 PM Middleware::Communication URL: http://fog-server/fog/service/jobs.php?mac=B6:AE:2B:EB:6E:CD|00:0A:CD:2A:4D:A6|B4:AE:2B:EB:6F:CC|B4:AE:2B:EB:6F:CD||00:00:00:00:00:00:00:E0&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1```
-
A little cleaner error:
------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 2/29/2016 4:45 PM Client-Info Version: 0.9.11 2/29/2016 4:45 PM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 2/29/2016 4:45 PM Data::RSA FOG Server CA cert found 2/29/2016 4:45 PM Data::RSA ERROR: Certificate validation failed 2/29/2016 4:45 PM Data::RSA ERROR: Trust chain did not complete to the known authority anchor. Errors: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. (NotTimeValid) 2/29/2016 4:45 PM Middleware::Authentication ERROR: Could not authenticate 2/29/2016 4:45 PM Middleware::Authentication ERROR: Certificate is not from FOG CA 2/29/2016 4:45 PM Service Sleeping for 120 seconds 2/29/2016 4:46 PM Service Stop requested 2/29/2016 4:46 PM Bus { "channel": "Status", "data": "{\r\n \"action\": \"unload\"\r\n}" } 2/29/2016 4:46 PM Bus Emmiting message on channel: Status 2/29/2016 4:46 PM Bus Became bus server 2/29/2016 4:46 PM Bus { "channel": "Status", "data": "{\r\n \"action\": \"load\"\r\n}" } 2/29/2016 4:46 PM Bus Emmiting message on channel: Status ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 2/29/2016 4:46 PM Client-Info Version: 0.9.11 2/29/2016 4:46 PM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 2/29/2016 4:46 PM Data::RSA FOG Server CA cert found 2/29/2016 4:46 PM Data::RSA ERROR: Certificate validation failed 2/29/2016 4:46 PM Data::RSA ERROR: Trust chain did not complete to the known authority anchor. Errors: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. (NotTimeValid) 2/29/2016 4:46 PM Middleware::Authentication ERROR: Could not authenticate 2/29/2016 4:46 PM Middleware::Authentication ERROR: Certificate is not from FOG CA 2/29/2016 4:46 PM Service Sleeping for 120 seconds```
-
You have to use the same CA when re-installing the fog server. The new FOG Client absolutely will not trust any server that doesn’t authenticate properly.
What it sounds like is a new one was generated, or it could be some trivial path/location bug…
I keep a backup of my CA on a flash drive - encrypted, and behind a locked door.
-
@Wayne-Workman So if I rolled back and made a backup of the file then followed Tom’s instructions. Replaced the file after the upgrade should that resolve it?
-
@Wayne-Workman Also where is the cert located in the OS?
-
I’m assuming this is the cert? /fog/management/other/ssl/srvpublic.crt
-
@Psycholiquid you need the CA. The certs are actually regenerated on every install, to my understanding.
-
So I’m lost I need it to regenerate or I need to replace with the backed up one
-
@Psycholiquid validity period, can you make sure the windows and fog servers are matching with their time? As you do tend to rely on snapshots of course.
-
@Wayne-Workman ca and private key is not regenerated every install, just the csr and public cert.
-
@Tom-Elliott That’s what I meant.
-
OK so what would I need to do to resolve this. I am in another state trying to get the node working so I dont have to touch every machine but cant due to this.
-
I mean I could roll back but I would rather move forward. The times seem to be just fine so far as I can tell. but my server is being slammed now due to bad requests.
-
Just verified the dates and times are matching perfectly
-
Update:
So it leads me to believe that it is something on the client now? I am really lost on this.
Getting this now:
------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 3/1/2016 8:18 AM Client-Info Version: 0.9.11 3/1/2016 8:18 AM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 3/1/2016 8:18 AM Data::RSA FOG Server CA cert found 3/1/2016 8:18 AM Middleware::Authentication Cert OK 3/1/2016 8:18 AM Middleware::Communication POST URL: http://fog-server/fog/management/index.php?sub=authorize 3/1/2016 8:18 AM Middleware::Communication Response: Invalid security token 3/1/2016 8:18 AM Service Sleeping for 120 seconds```
-
Update:
So I went through the though that with the last error maybe it needed to be reinstalled on the client. Did that and then reset the encryption data on the host from the interface. That seems to clear the error, now I am getting different errors on that host. Please see below. Seems to run in circles.
------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 3/1/2016 8:28 AM Client-Info Version: 0.9.11 3/1/2016 8:28 AM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 3/1/2016 8:28 AM Data::RSA FOG Server CA cert found 3/1/2016 8:28 AM Middleware::Authentication Cert OK 3/1/2016 8:28 AM Middleware::Communication POST URL: http://fog-server/fog/management/index.php?sub=authorize 3/1/2016 8:29 AM Middleware::Communication Response: Invalid security token 3/1/2016 8:29 AM Service Sleeping for 120 seconds ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 3/1/2016 8:31 AM Client-Info Version: 0.9.11 3/1/2016 8:31 AM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 3/1/2016 8:31 AM Data::RSA FOG Server CA cert found 3/1/2016 8:31 AM Middleware::Authentication Cert OK 3/1/2016 8:31 AM Middleware::Communication POST URL: http://fog-server/fog/management/index.php?sub=authorize 3/1/2016 8:31 AM Middleware::Communication Response: Success 3/1/2016 8:31 AM Middleware::Authentication Authenticated 3/1/2016 8:31 AM Bus Registering ParseBus in channel Power ------------------------------------------------------------------------------ ---------------------------------ClientUpdater-------------------------------- ------------------------------------------------------------------------------ 3/1/2016 8:31 AM Client-Info Version: 0.9.11 3/1/2016 8:31 AM ClientUpdater Running... 3/1/2016 8:31 AM Middleware::Communication URL: http://fog-server/fog/service/servicemodule-active.php?moduleid=clientupdater&mac=00:50:56:86:1F:C7||00:00:00:00:00:00:00:E0&newService=1 3/1/2016 8:31 AM Middleware::Communication Response: Success 3/1/2016 8:31 AM Middleware::Communication URL: http://fog-server/fog/service/getversion.php?client&newService=1 ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ ----------------------------------TaskReboot---------------------------------- ------------------------------------------------------------------------------ 3/1/2016 8:31 AM Client-Info Version: 0.9.11 3/1/2016 8:31 AM TaskReboot Running... 3/1/2016 8:31 AM Middleware::Communication URL: http://fog-server/fog/service/servicemodule-active.php?moduleid=taskreboot&mac=00:50:56:86:1F:C7||00:00:00:00:00:00:00:E0&newService=1 3/1/2016 8:31 AM Middleware::Communication Response: Success 3/1/2016 8:31 AM Middleware::Communication URL: http://fog-server/fog/service/jobs.php?mac=00:50:56:86:1F:C7||00:00:00:00:00:00:00:E0&newService=1 3/1/2016 8:31 AM Middleware::Communication Response: Invalid host certificate 3/1/2016 8:31 AM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 3/1/2016 8:31 AM Data::RSA FOG Server CA cert found 3/1/2016 8:31 AM Middleware::Authentication Cert OK 3/1/2016 8:31 AM Middleware::Communication POST URL: http://fog-server/fog/management/index.php?sub=authorize 3/1/2016 8:31 AM Middleware::Communication Response: Success 3/1/2016 8:31 AM Middleware::Authentication Authenticated 3/1/2016 8:31 AM Middleware::Communication URL: http://fog-server/fog/service/jobs.php?mac=00:50:56:86:1F:C7||00:00:00:00:00:00:00:E0&newService=1&newService=1 3/1/2016 8:31 AM Middleware::Communication Response: Invalid host certificate 3/1/2016 8:31 AM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 3/1/2016 8:31 AM Data::RSA FOG Server CA cert found 3/1/2016 8:31 AM Middleware::Authentication Cert OK 3/1/2016 8:31 AM Middleware::Communication POST URL: http://fog-server/fog/management/index.php?sub=authorize 3/1/2016 8:31 AM Middleware::Communication Response: Success 3/1/2016 8:31 AM Middleware::Authentication Authenticated 3/1/2016 8:31 AM Middleware::Communication URL: http://fog-server/fog/service/jobs.php?mac=00:50:56:86:1F:C7||00:00:00:00:00:00:00:E0&newService=1&newService=1&newService=1 3/1/2016 8:32 AM Middleware::Communication Response: Invalid host certificate 3/1/2016 8:32 AM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 3/1/2016 8:32 AM Data::RSA FOG Server CA cert found 3/1/2016 8:32 AM Middleware::Authentication Cert OK 3/1/2016 8:32 AM Middleware::Communication POST URL: http://fog-server/fog/management/index.php?sub=authorize 3/1/2016 8:32 AM Middleware::Communication Response: Success 3/1/2016 8:32 AM Middleware::Authentication Authenticated 3/1/2016 8:32 AM Middleware::Communication URL: http://fog-server/fog/service/jobs.php?mac=00:50:56:86:1F:C7||00:00:00:00:00:00:00:E0&newService=1&newService=1&newService=1&newService=1 3/1/2016 8:32 AM Middleware::Communication Response: Invalid host certificate 3/1/2016 8:32 AM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 3/1/2016 8:32 AM Data::RSA FOG Server CA cert found 3/1/2016 8:32 AM Middleware::Authentication Cert OK 3/1/2016 8:32 AM Middleware::Communication POST URL: http://fog-server/fog/management/index.php?sub=authorize 3/1/2016 8:32 AM Middleware::Communication Response: Success 3/1/2016 8:32 AM Middleware::Authentication Authenticated 3/1/2016 8:32 AM Middleware::Communication URL: http://fog-server/fog/service/jobs.php?mac=00:50:56:86:1F:C7||00:00:00:00:00:00:00:E0&newService=1&newService=1&newService=1&newService=1&newService=1 3/1/2016 8:32 AM Middleware::Communication Response: Invalid host certificate 3/1/2016 8:32 AM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 3/1/2016 8:32 AM Data::RSA FOG Server CA cert found 3/1/2016 8:32 AM Middleware::Authentication Cert OK 3/1/2016 8:32 AM Middleware::Communication POST URL: http://fog-server/fog/management/index.php?sub=authorize 3/1/2016 8:32 AM Middleware::Communication Response: Success 3/1/2016 8:32 AM Middleware::Authentication Authenticated 3/1/2016 8:32 AM Middleware::Communication URL: http://fog-server/fog/service/jobs.php?mac=00:50:56:86:1F:C7||00:00:00:00:00:00:00:E0&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1
-
Bringing in the big guns to maybe shed light on what’s going.
Informing @Jbob -
@Wayne-Workman Yeah it is very weird, its like it wants to work, but then it gets all confused. I did manually install the client. But I see where it is trying to run also.
-
@Psycholiquid Is
fog-server
your fog server’s actual name and is there a DNS entry for it? -
@Wayne-Workman it is a cname but it works no problem, I can ping it from anywhere on the network. It is not however the server name. I was using IP addresses before but didnt like that. But this has been in place for about 8 months now