unable to install CA certificate



  • Server
    • FOG Version: 1.4.0
    • OS: ubuntu server
    Client
    • Service Version: 0.11.12
    • OS: windows 7
    Description

    Hi,
    i managed to install fog server and upload an image, (pxe boot ok, upload task ok), but i can’t install the smart installer on my professional network (virtual or physical machines). I have always the message : “unable to install CA certificate” during the process : pinning fog server.
    No log on the client, nothing in the fog server logs .
    I tried on the server address with the ip address, fogserver, the FQDN : idem
    Limitations on my network: no ping allowed to the outside, no access to the firewall rules, proxy to access internet.

    I found options for the smart installer
    https://wiki.fogproject.org/wiki/index.php?title=FOG_Client
    but when i launch the exe with options, nothing happens.
    I had one exception : the install was fine on 1 machine after ten testings.
    It coud be a network issue, but my ping to the fog server is stable
    What can i do ?



  • I found what caused the error even if i can’t explain it.
    In my network, we have two dns suffix : The first gave by the domain, the second gave by the dhcp server (different, because it point at an outside kms server).
    My computers weren’t part of the domain, so they had only the second dns suffix.
    In the smart installer, even if i type the FQDN name of the fog server, it failed.
    BUT, if i type the main dns suffix (my domain) in the computer properties,
    and after in the smart installer i type the short name of the fog server, IT WORKS !
    Sorry for my bad english language and for the disturbance



  • like the smart installer failed, it said that "fog service setup wizard ended prematuraly because of an error.your system has not been modified."
    the folder FOG is not present, so no logs to send, sorry.


  • Senior Developer

    @infotc There’s a C:\Program files (x86)\FOG\zazzles.log that should help us out (possibly).



  • sorry for the mistake. I thought the first part of the log was the failure log of the computer before it succeed.
    When the smart installer failed, there is no log to look at, except in the event viewer (i hope it can help) :
    Nom du journal :Application
    Source : MsiInstaller
    Date : 31/05/2017 08:46:46
    ID de l’événement :1013
    Catégorie de la tâche :Aucun
    Niveau : Erreur
    Mots clés : Classique
    Utilisateur : TEST-9L3C8U8BQM\technicien
    Ordinateur : TEST-9L3C8U8BQM
    Description :
    Product: FOG Service – Unable to install CA certificate
    XML de l’événement :
    <Event xmlns=“http://schemas.microsoft.com/win/2004/08/events/event”>
    <System>
    <Provider Name=“MsiInstaller” />
    <EventID Qualifiers=“0”>1013</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime=“2017-05-31T06:46:46.000000000Z” />
    <EventRecordID>2331</EventRecordID>
    <Channel>Application</Channel>
    <Computer>TEST-9L3C8U8BQM</Computer>
    <Security UserID=“S-1-5-21-1187659382-2467208848-1537523985-1002” />
    </System>
    <EventData>
    <Data>Product: FOG Service – Unable to install CA certificate</Data>
    <Data>(NULL)</Data>
    <Data>(NULL)</Data>
    <Data>(NULL)</Data>
    <Data>(NULL)</Data>
    <Data>(NULL)</Data>
    <Data>
    </Data>
    <Binary>7B32443435393535362D464542362D344532392D383342382D3744354146364546463837317D</Binary>
    </EventData>
    </Event>


  • Senior Developer

    @infotc said in unable to install CA certificate:

    30/05/2017 16:28 Middleware::Response Invalid host

    The fog client only works with valid hosts. See the error I quoted? This tells me either the host is not registered, or is in a “pending” state.

    I’m assuming the logs you gave are for the working system though? I don’t know, it’s confusing to say, this isn’t working, here’s the logs of something that IS working.

    Can you get us the logs of the system having problems installing?



  • Hi again,
    i try to recreate the certificate
    ./installfog.sh --recreate-CA --recreate-keys
    no errors encountered.
    I download the new smart-installer and launched it : same error (unable to install CA certificate)
    I change the time on my fog server with timedatectl to have the same as my computer clients and relaunched smarte installer : same error.
    I found on the computer where i could finally install the client the fog log :


    --------------------------------Authentication--------------------------------

    30/05/2017 16:26 Client-Info Version: 0.11.12
    30/05/2017 16:26 Client-Info OS: Windows
    30/05/2017 16:26 Middleware::Authentication Waiting for authentication timeout to pass
    30/05/2017 16:28 Middleware::Communication Download: http://fogserver/fog/management/other/ssl/srvpublic.crt
    30/05/2017 16:28 Data::RSA FOG Server CA cert found
    30/05/2017 16:28 Middleware::Authentication Cert OK
    30/05/2017 16:28 Middleware::Authentication ERROR: Could not get security token
    30/05/2017 16:28 Middleware::Authentication ERROR: Could not find file ‘C:\Program Files (x86)\FOG\token.dat’.
    30/05/2017 16:28 Middleware::Communication POST URL: http://fogserver/fog/management/index.php?sub=requestClientInfo&authorize&newService
    30/05/2017 16:28 Middleware::Response Invalid host
    30/05/2017 16:28 Middleware::Communication URL: http://fogserver/fog/service/register.php?hostname=tc205-infotc&mac=64:00:6A:20:FA:81||00:00:00:00:00:00:00:E0|00:00:00:00:00:00:00:E0&newService&json


    --------------------------------Authentication--------------------------------

    30/05/2017 16:28 Client-Info Version: 0.11.12
    30/05/2017 16:28 Client-Info OS: Windows
    30/05/2017 16:28 Middleware::Authentication Waiting for authentication timeout to pass
    30/05/2017 16:30 Middleware::Communication Download: http://fogserver/fog/management/other/ssl/srvpublic.crt
    30/05/2017 16:30 Data::RSA FOG Server CA cert found
    30/05/2017 16:30 Middleware::Authentication Cert OK
    30/05/2017 16:30 Middleware::Authentication ERROR: Could not get security token
    30/05/2017 16:30 Middleware::Authentication ERROR: Could not find file ‘C:\Program Files (x86)\FOG\token.dat’.
    30/05/2017 16:30 Middleware::Communication POST URL: http://fogserver/fog/management/index.php?sub=requestClientInfo&authorize&newService
    30/05/2017 16:30 Middleware::Response Success
    30/05/2017 16:30 Middleware::Authentication Authenticated

    30/05/2017 16:30 Middleware::Communication URL: http://fogserver/fog/management/index.php?sub=requestClientInfo&configure&newService&json
    30/05/2017 16:30 Middleware::Response Success
    30/05/2017 16:30 Middleware::Communication URL: http://fogserver/fog/management/index.php?sub=requestClientInfo&mac=64:00:6A:20:FA:81||00:00:00:00:00:00:00:E0|00:00:00:00:00:00:00:E0&newService&json
    30/05/2017 16:30 Middleware::Response Success
    30/05/2017 16:30 Middleware::Communication URL: http://fogserver/fog/service/getversion.php?clientver&newService&json
    30/05/2017 16:30 Middleware::Communication URL: http://fogserver/fog/service/getversion.php?newService&json

    30/05/2017 16:30 Service Creating user agent cache
    30/05/2017 16:30 Middleware::Response Invalid time
    30/05/2017 16:30 Middleware::Response No Printers
    30/05/2017 16:30 Middleware::Response Module is disabled globally on the FOG server
    30/05/2017 16:30 Service Initializing modules


Log in to reply
 

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.