• Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
  • Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

Error: Installing Client Outside of Local Network (Unable to install CA certificate)

Scheduled Pinned Locked Moved Solved
FOG Problems
2
20
3.7k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • F
    fud18
    last edited by May 3, 2017, 3:01 PM

    Server
    • FOG Version: 1.4.0-RC-9.3
    • OS: CentOS 7 (7.3.1611)
    Client
    • Service Version: Latest Version as of 05/02/2017
    • OS: Windows 7 through 10 Professional/Home
    Description

    Whenever I try to install the client on a machine that is outside of my local network (192.168.3.x) i receive the error about Unable to install CA certificate. I am able to install it without problems inside my local network.

    1 Reply Last reply Reply Quote 0
    • F
      fud18
      last edited by May 3, 2017, 5:59 PM

      RESOLVED: I was forcing https on the forward and as soon as I removed that it started working and I have already had 3 machines check in and they were the ones I just installed the client on remotely.

      1 Reply Last reply Reply Quote 0
      • T
        Tom Elliott
        last edited by May 3, 2017, 3:23 PM

        Right, that’s the whole point.

        You don’t have a client that cannot verify a trusted source and the server won’t send a client information that it cannot trust. This is expected.

        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        F 1 Reply Last reply May 3, 2017, 3:34 PM Reply Quote 0
        • F
          fud18 @Tom Elliott
          last edited by May 3, 2017, 3:34 PM

          @Tom-Elliott Thanks Tom I just wanted to make sure that was how it was supposed to work. I was trying to update some of my evening clients but I will have to set them up a VPN or do it when they bring their machines back to me.

          T 1 Reply Last reply May 3, 2017, 3:36 PM Reply Quote 0
          • T
            Tom Elliott @fud18
            last edited by May 3, 2017, 3:36 PM

            @fud18 This “new client” isn’t the only one that would have this.

            The Client works by talking to the fog server. Even the legacy client would fail to work (though install would work) because it would not be able to reach the server. How would it even operate? I guess, why would you install the client on machines that cannot reach the fog server?

            Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

            Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

            Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

            1 Reply Last reply Reply Quote 0
            • F
              fud18
              last edited by May 3, 2017, 4:30 PM

              I forgot to mention that even though this is behind my router I have allow my server to be publicly accessible by opening ports. I am able to get to my fog server from anywhere using its web address (fogserver.xxx.homelinux.net).

              T 1 Reply Last reply May 3, 2017, 4:32 PM Reply Quote 0
              • T
                Tom Elliott @fud18
                last edited by May 3, 2017, 4:32 PM

                @fud18 Then why not use “fogserver.xxx.homelinux.net” as the communicator for the Client?

                Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                F 1 Reply Last reply May 3, 2017, 4:33 PM Reply Quote 0
                • F
                  fud18 @Tom Elliott
                  last edited by May 3, 2017, 4:33 PM

                  @Tom-Elliott If you are talking about when I run the client installer and it already has fogserver in the field I am.

                  T 1 Reply Last reply May 3, 2017, 4:34 PM Reply Quote 0
                  • T
                    Tom Elliott @fud18
                    last edited by May 3, 2017, 4:34 PM

                    @fud18 Yes, update fogserver to the fqdn that is DNS resolvable.

                    Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                    Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                    Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                    1 Reply Last reply Reply Quote 0
                    • F
                      fud18
                      last edited by May 3, 2017, 4:36 PM

                      Am I doing this in the Fog server installer or in the fog config?

                      T 1 Reply Last reply May 3, 2017, 4:39 PM Reply Quote 0
                      • T
                        Tom Elliott @fud18
                        last edited by May 3, 2017, 4:39 PM

                        @fud18 You’re doing this in the FOG Client Installer, where it says “fogserver”

                        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                        1 Reply Last reply Reply Quote 0
                        • F
                          fud18
                          last edited by May 3, 2017, 4:40 PM

                          That’s where I am putting fogserver.xxx.homelinux.net. Then it gets to the part about the CA certificate and fails.

                          T 1 Reply Last reply May 3, 2017, 4:44 PM Reply Quote 0
                          • T
                            Tom Elliott @fud18
                            last edited by May 3, 2017, 4:44 PM

                            @fud18 then you will probably need to update your information.

                            edit the fog server’s /opt/fog/.fogsettings file and change the ip= to be:

                            fogserver.xxx.homelinux.net

                            Rerun the fog installer with:
                            ./installfog.sh -y --recreate-keys --recreate-ca

                            This should regenerate the certificates and use the fqdn for the common name of your CA.

                            Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                            Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                            Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                            1 Reply Last reply Reply Quote 0
                            • F
                              fud18
                              last edited by May 3, 2017, 4:49 PM

                              Do I need to restart the server or anything once that is done to complete? Do I need to give it time or that should be it?

                              1. I have changed the settings in .fogsettings to be the FQDN
                              2. I have ran the command as you posted ./installfog.sh -y --recreate-keys --recreate-ca
                              1 Reply Last reply Reply Quote 0
                              • T
                                Tom Elliott
                                last edited by May 3, 2017, 4:53 PM

                                There shouldn’t be anything special once that is done. The server should be setup and operational using the FQDN even from a browser so long as the port forwarding is setup properly and the DNS is set to look at your public IP Address.

                                Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                                Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                                Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                                1 Reply Last reply Reply Quote 0
                                • F
                                  fud18
                                  last edited by May 3, 2017, 5:00 PM

                                  Is there maybe a port number I am missing that I need to let through? Just trying to check all options.

                                  1 Reply Last reply Reply Quote 0
                                  • T
                                    Tom Elliott
                                    last edited by May 3, 2017, 5:01 PM

                                    What port or ports did you initially allow?

                                    Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                                    Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                                    Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                                    1 Reply Last reply Reply Quote 0
                                    • F
                                      fud18
                                      last edited by May 3, 2017, 5:06 PM

                                      Looks like 80 & 443

                                      1 Reply Last reply Reply Quote 0
                                      • T
                                        Tom Elliott
                                        last edited by May 3, 2017, 5:14 PM

                                        And the port forward is a “src” of Any or 0.0.0.0 and Destination is your “local network’s” fog server IP address?

                                        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                                        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                                        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                                        1 Reply Last reply Reply Quote 0
                                        • F
                                          fud18
                                          last edited by May 3, 2017, 5:22 PM

                                          0_1493832120025_Fog Firewall.png

                                          1 Reply Last reply Reply Quote 0
                                          • F
                                            fud18
                                            last edited by May 3, 2017, 5:59 PM

                                            RESOLVED: I was forcing https on the forward and as soon as I removed that it started working and I have already had 3 machines check in and they were the ones I just installed the client on remotely.

                                            1 Reply Last reply Reply Quote 0
                                            • 1 / 1
                                            1 / 1
                                            • First post
                                              15/20
                                              Last post

                                            199

                                            Online

                                            12.0k

                                            Users

                                            17.3k

                                            Topics

                                            155.2k

                                            Posts
                                            Copyright © 2012-2024 FOG Project