Unable to join to domain - build 3331
-
Excuse me Tom, any suggestion with this?
Thanks.
-
can you try upgrading to latest svn?
-
Of course.Right now!
-
The same thing.
This is the GET line log before “Invalid host certificate”. Perhaps can show you something:
[05/May/2015:16:36:16 +0200] “GET /fog/management/index.php?sub=authorize&sym_key=8d951420a55d8b8f7d4845105b33cd8cfffaf3d2aca9f47cfef66585104cae607822811e2aaf93a55290577ca0918d743cf549eb5c1fa06e77d99f49a7378f96ee10f36df0fc36a7595b704b3712cb2d2f8412b18c4ceab1da1a290d42605d243d3c0c7df1487ce4b214a36e66e5dc44e3abdc22d773f1fa4e879b122968d1d27a7d80eb3c0ca636052cb2aaf5104c129c138c1662697ab9872e678e04178793b9abf5192b98ce105a6f08c87b8c51e530f9df4ea6d9d4f3e7b44489ebc73f15b3e4d50020bd05a8bfac2c17be9bd25b5cd6d16978daa7df6f0caa5ed53e2a6c5ba87cd9ce42a6b13d083318b5d8e59b06e5f1fba89e88ccd46f0d8b2b701621b5d486dfdf6043b70b4a96a4904dfdb13bb58880fe0b2b22df958a3859919778da9a1ca73d88f14c8b8ea0f795dfa2d9b43f0f24a2564c202ac204f29a44873068396dc3cd13e94f6f33dace7179cf4156d7dc591c7af3509eb4eac2bfe0e4622702e5c84a745702550c09179771b11d0740e954b16d58d8fdeab62a8b84e5fc02960d092982f0be0732d608b9996d47d8d60168298621802c8bdfd547829b5d688014fe54a51e47798bd3fa8c810e427b53121ec19a5281227344059edd8ef035ea85e2241c1c1adecb7bf09aae0bda90038336c80faefd72a243fadba53f94a20eddd27b41dbb1e870a835eb44e3aa983db3bdea17143373ff49587ccfd53e&mac=00:FF:EC:5A:67:35%7C00:0E:0C:5E:17:AE%7C%7C00:00:00:00:00:00:00:E0%7C00:00:00:00:00:00:00:E0%7C00:00:00:00:00:00:00:E0%7C00:00:00:00:00:00:00:E0&newService=1 HTTP/1.1” 200 403 “-” “-”I’ve noticed that the “sym_key” changes in each service start.
-
It should change every time. Do me a favor and delete the folders /var/www/fog/management/other/ssl and /opt/fog/snapins/ssl. Then restart the fogservice on that machine.
-
I have done this:
- removed /var/www/fog/management/other/ssl and /opt/fog/snapins/ssl
- uninstalled fog client on client machine
- be sure no fog files remain on client machine
- install fog client and reboot
- on server, directory /var/www/fog/management/other/ssl with srvpublic.key file has been created again
- on client machine logs show this:
05/05/2015 17:25 RegistryHandler 32 bit registry detected
--------------------------------Authentication--------------------------------
05/05/2015 17:25 Client-Info Version: 0.7.2
05/05/2015 17:25 CommunicationHandler URL: [url]http://172.16.1.43/fog/management/other/ssl/srvpublic.key[/url]
05/05/2015 17:25 CommunicationHandler ERROR: error:0906D06C:PEM routines:PEM_read_bio:no start line
05/05/2015 17:25 CommunicationHandler Failed to authenticateSo different. But what does this mean?
-
Ah, glorious PEM errors. Since you deleted the public keys, the client is trying to use a blank public key. You’re going need have FOG re-generate its public keys. The reason Tom had you delete them is that the client was retrieving a public key that didn’t match your private key.
-
Ok, that sounds good:)
How do I do that? Just removing /var/www/fog/management/other/ssl/srvpublic.key and invoking “installfog.sh” again? -
I have reinstalled all fog files in server and fog client in client machine and logs are the same.
I guess public key is at “/var/www/fog/management/other/ssl/srvpublic.key” in server and at “\program files\FOG\tmp” in client machine, and I have checked they are equal.
I have found private key in server at “/opt/fog/snapins/ssl/.srvprivate.key”. Is that where is supposed to be?
I don’t know how go on from here! -
@Frank said in Unable to join to domain - build 3331:
I guess public key is at “/var/www/fog/management/other/ssl/srvpublic.key”
Just dropping a friendly moderator line here - in FOG 1.4 the public key is here on the main fog server:
/var/www/fog/management/other/ssl/srvpublic.crt
You should be able to view the public certificate via the below URL, replacing x.x.x.x with your FOG Server’s IP address or FQDN.
http://x.x.x.x/fog/management/other/ssl/srvpublic.crt
