• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    installfog.sh --force-https and ipxe

    Scheduled Pinned Locked Moved Solved
    FOG Problems
    3
    6
    1.9k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      CBO
      last edited by

      Server
      • FOG Version: 1.4.4
      • OS: Debian 9
      Description

      After installing fog with –force-https switch ipxe.efi cannot download files via http or https from fog server.

      After searching on ipxe side I suspected a certificate validation problem and I managed to get ipxe download via https on the fog web server after compiling it with the web server certificate embedded:

      make bin-x86_64-efi/ipxe.efi EMBED=ipxescript TRUST=/var/www/fog//management/other/ssl/srvpublic.crt
      

      I had also to modify the /tftpboot/default.ipxe file by replacing http by https in it because it seems that ipxe does not follow the redirection from http to https…

      Is is normal or did i miss something to avoid recompiling ?

      1 Reply Last reply Reply Quote 1
      • Tom ElliottT
        Tom Elliott
        last edited by

        The redirection following is normal, unfortunately.

        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        1 Reply Last reply Reply Quote 0
        • S
          Sebastian Roth Moderator
          last edited by

          @Tom-Elliott Just thinking out loud here… should be add compiling iPXE to the installer script (as we do with udpcast)? This way the cert could be added to the iPXE binaries for everyone. Would compiling on the fly break other things?

          Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

          Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

          Tom ElliottT 1 Reply Last reply Reply Quote 0
          • Tom ElliottT
            Tom Elliott @Sebastian Roth
            last edited by

            @sebastian-roth The problem is I only know of a 100% sure fire way to build the ipxe binaries and the requirements aren’t readily available on the “base” installation. That said, i’ll admit I haven’t really looked into building any specialties as I’m busy on a about a million other things as well.

            Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

            Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

            Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

            1 Reply Last reply Reply Quote 0
            • S
              Sebastian Roth Moderator
              last edited by Sebastian Roth

              @Tom-Elliott Not saying that this is something you should do. Just wondering what your opinion was. I might look into this at some point. It would definitely need less downloading of binaries but time to compile all the different ones on the FOG server.

              The problem is I only know of a 100% sure fire way to build the ipxe binaries…

              What exactly do you mean by that?

              @CBO, sorry for taking over this thread but this is very closely related.

              Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

              Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

              1 Reply Last reply Reply Quote 0
              • S
                Sebastian Roth Moderator
                last edited by

                @CBO Just in case you are still interested in this. I just pushed changes to the current working branch (see here and here) to make the installer do a better job. Upgrade to the very latest and give it a go if you like.

                PS: Sorry for taking so long to get back onto this.

                Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                1 Reply Last reply Reply Quote 0
                • 1 / 1
                • First post
                  Last post

                156

                Online

                12.0k

                Users

                17.3k

                Topics

                155.2k

                Posts
                Copyright © 2012-2024 FOG Project