Problem with HTTPS upgrade
-
@sebastian-roth said in Problem with HTTPS upgrade:
@sbenson Ok, and could you please take a new picture of the current error message you see on screen with this?
The screen in sthe same as the previous screen. I even re-made the files suggested in the below code, because I wasn’t sure if the cert was recreated after i reinstalled it. In any case, its not working. Still says
Https://10.63.76.44/fog/service/ipxe/boot.php… No such file or directorycd ~/projects/ipxe/ipxe-bios/src make bin/undionly.kpxe EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt make bin/ipxe.pxe EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt make bin/undionly.kkpxe EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt make bin/intel.pxe EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt # simple 32 bit EFI binaries with embedded script cd ~/projects/ipxe/ipxe-efi/src make bin-i386-efi/ipxe.efi EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt make bin-i386-efi/snponly.efi EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt make bin-i386-efi/intel.efi EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt # simple 64 bit EFI binaries cd ~/projects/ipxe/ipxe-efi/src make bin-x86_64-efi/ipxe.efi EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt make bin-x86_64-efi/snponly.efi EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt make bin-x86_64-efi/intel.efi EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt
-
@sbenson but you’re not using the ca for the trust, you’re using the servers public key. That key is trusted by the servers ca key. As ipxe doesn’t have that chain of authority, it cannot confirm if the passed in certificate can be trusted.
-
@tom-elliott ohhh, other posts said to “trust” that cert…so I was confused. So I should have
TRUST=/usr/lib/ssl/certs/ca-certificates.crt instead?EDIT: That didnt work…
-
To help out with rebuilding here’s my “build” layout.
/root/fogproject
Location of repo data as required.
/root/ipxe
= bios
/root/ipxe-efi
= uefi/efi building.buildIpxe shell script:
NOTE: call the script as
buildIpxe TRUST=/var/www/fog/management/other/ca.cert.pem
(It will pass the additional arguments into ipxe building for you)#!/bin/bash # Change directory to base ipxe files cd /root/ipxe # Pull in new data [[ -z $nopull ]] && git pull # Change to the proper build directory cd /root/ipxe/src/ # Build the files make -j $(nproc) bin/ipxe.iso bin/{undionly,ipxe,intel,realtek}.{,k,kk}pxe bin/ipxe.lkrn EMBED=ipxescript $* # Copy files to repo location as required. cp /root/ipxe/src/bin/undionly.pxe /root/fogproject/packages/tftp/ cp /root/ipxe/src/bin/ipxe.pxe /root/fogproject/packages/tftp/ cp /root/ipxe/src/bin/intel.pxe /root/fogproject/packages/tftp/ cp /root/ipxe/src/bin/realtek.pxe /root/fogproject/packages/tftp/ cp /root/ipxe/src/bin/undionly.kpxe /root/fogproject/packages/tftp/ cp /root/ipxe/src/bin/ipxe.kpxe /root/fogproject/packages/tftp/ cp /root/ipxe/src/bin/intel.kpxe /root/fogproject/packages/tftp/ cp /root/ipxe/src/bin/realtek.kpxe /root/fogproject/packages/tftp/ cp /root/ipxe/src/bin/undionly.kkpxe /root/fogproject/packages/tftp/ cp /root/ipxe/src/bin/ipxe.kkpxe /root/fogproject/packages/tftp/ cp /root/ipxe/src/bin/intel.kkpxe /root/fogproject/packages/tftp/ cp /root/ipxe/src/bin/realtek.kkpxe /root/fogproject/packages/tftp/ # Copy lkrn and iso files to repo. cp /root/ipxe/src/bin/ipxe.lkrn /root/fogproject/packages/tftp/ipxe.krn cp /root/ipxe/src/bin/ipxe.iso /root/fogproject/packages/tftp/ipxe.iso # Copy the configuration for our stuff to repo cp /root/ipxe/src/ipxescript /root/fogproject/src/ipxe/src/ipxescript cp /root/ipxe/src/config/general.h /root/fogproject/src/ipxe/src/config/general.h cp /root/ipxe/src/config/settings.h /root/fogproject/src/ipxe/src/config/settings.h cp /root/ipxe/src/config/console.h /root/fogproject/src/ipxe/src/config/console.h # Build with 10 second delay make -j $(nproc) bin/ipxe.iso bin/{undionly,ipxe,intel,realtek}.{,k,kk}pxe bin/ipxe.lkrn EMBED=ipxescript10sec $* # Copy the files to upload to repository for GIT cp /root/ipxe/src/bin/undionly.pxe /root/fogproject/packages/tftp/10secdelay cp /root/ipxe/src/bin/ipxe.pxe /root/fogproject/packages/tftp/10secdelay cp /root/ipxe/src/bin/intel.pxe /root/fogproject/packages/tftp/10secdelay cp /root/ipxe/src/bin/realtek.pxe /root/fogproject/packages/tftp/10secdelay cp /root/ipxe/src/bin/undionly.kpxe /root/fogproject/packages/tftp/10secdelay cp /root/ipxe/src/bin/ipxe.kpxe /root/fogproject/packages/tftp/10secdelay cp /root/ipxe/src/bin/intel.kpxe /root/fogproject/packages/tftp/10secdelay cp /root/ipxe/src/bin/realtek.kpxe /root/fogproject/packages/tftp/10secdelay cp /root/ipxe/src/bin/undionly.kkpxe /root/fogproject/packages/tftp/10secdelay cp /root/ipxe/src/bin/ipxe.kkpxe /root/fogproject/packages/tftp/10secdelay cp /root/ipxe/src/bin/intel.kkpxe /root/fogproject/packages/tftp/10secdelay cp /root/ipxe/src/bin/realtek.kkpxe /root/fogproject/packages/tftp/10secdelay cp /root/ipxe/src/bin/ipxe.lkrn /root/fogproject/packages/tftp/10secdelay/ipxe.krn cp /root/ipxe/src/bin/ipxe.iso /root/fogproject/packages/tftp/10secdelay/ipxe.iso cp /root/ipxe/src/ipxescript10sec /root/fogproject/src/ipxe/src/ipxescript10sec # Change to the efi layout cd /root/ipxe-efi # Pull in the new data [[ -z $nopull ]] && git pull # Change to the proper build directory cd /root/ipxe-efi/src/ # Build the files make -j $(nproc) bin-{i386,x86_64}-efi/{snp{,only},ipxe,intel,realtek}.efi EMBED=ipxescript $* # Copy the files to upload to the repository for GIT cp /root/ipxe-efi/src/bin-i386-efi/snp.efi /root/fogproject/packages/tftp/i386-efi/ cp /root/ipxe-efi/src/bin-i386-efi/snponly.efi /root/fogproject/packages/tftp/i386-efi/ cp /root/ipxe-efi/src/bin-i386-efi/ipxe.efi /root/fogproject/packages/tftp/i386-efi/ cp /root/ipxe-efi/src/bin-i386-efi/intel.efi /root/fogproject/packages/tftp/i386-efi/ cp /root/ipxe-efi/src/bin-i386-efi/realtek.efi /root/fogproject/packages/tftp/i386-efi/ cp /root/ipxe-efi/src/bin-x86_64-efi/snp.efi /root/fogproject/packages/tftp/ cp /root/ipxe-efi/src/bin-x86_64-efi/snponly.efi /root/fogproject/packages/tftp/ cp /root/ipxe-efi/src/bin-x86_64-efi/ipxe.efi /root/fogproject/packages/tftp/ cp /root/ipxe-efi/src/bin-x86_64-efi/intel.efi /root/fogproject/packages/tftp/ cp /root/ipxe-efi/src/bin-x86_64-efi/realtek.efi /root/fogproject/packages/tftp/ # Copy the configuration for our stuff to GIT cp /root/ipxe-efi/src/ipxescript /root/fogproject/src/ipxe/src-efi/ipxescript cp /root/ipxe-efi/src/config/general.h /root/fogproject/src/ipxe/src-efi/config/general.h cp /root/ipxe-efi/src/config/settings.h /root/fogproject/src/ipxe/src-efi/config/settings.h cp /root/ipxe-efi/src/config/console.h /root/fogproject/src/ipxe/src-efi/config/console.h # Build with 10 second delay make -j $(nproc) bin-{i386,x86_64}-efi/{snp{,only},ipxe,intel,realtek}.efi EMBED=ipxescript10sec $* # Copy the files to upload to the repository for GIT cp /root/ipxe-efi/src/bin-i386-efi/snp.efi /root/fogproject/packages/tftp/10secdelay/i386-efi/ cp /root/ipxe-efi/src/bin-i386-efi/snponly.efi /root/fogproject/packages/tftp/10secdelay/i386-efi/ cp /root/ipxe-efi/src/bin-i386-efi/ipxe.efi /root/fogproject/packages/tftp/10secdelay/i386-efi/ cp /root/ipxe-efi/src/bin-i386-efi/intel.efi /root/fogproject/packages/tftp/10secdelay/i386-efi/ cp /root/ipxe-efi/src/bin-i386-efi/realtek.efi /root/fogproject/packages/tftp/10secdelay/i386-efi/ cp /root/ipxe-efi/src/bin-x86_64-efi/snp.efi /root/fogproject/packages/tftp/10secdelay/ cp /root/ipxe-efi/src/bin-x86_64-efi/snponly.efi /root/fogproject/packages/tftp/10secdelay/ cp /root/ipxe-efi/src/bin-x86_64-efi/ipxe.efi /root/fogproject/packages/tftp/10secdelay/ cp /root/ipxe-efi/src/bin-x86_64-efi/intel.efi /root/fogproject/packages/tftp/10secdelay/ cp /root/ipxe-efi/src/bin-x86_64-efi/realtek.efi /root/fogproject/packages/tftp/10secdelay/ # Copy the 10 sec delay configuration script. cp /root/ipxe-efi/src/ipxescript10sec /root/fogproject/src/ipxe/src-efi/ipxescript10sec
-
@tom-elliott said in Problem with HTTPS upgrade:
buildIpxe TRUST=/var/www/fog/management/other/ca.cert.pem
I modified the paths, but something in the build process is erroring
[FINISH] bin/realtek.kpxe [FINISH] bin/realtek.kkpxe [FINISH] bin/ipxe.lkrn make: 'bin/ipxe.lkrn' is up to date. [GENISO] bin/ipxe.iso cp: missing destination file operand after 'bin/iso.dir.RnYQV4' Try 'cp --help' for more information. genisoimage: Uh oh, I cant find the boot image 'isolinux.bin' ! [FINISH] bin/ipxe.kkpxe
-
I let it finish anyways and here is the full output
[09:52:00] root@SRO-FOG-01[0]:~$ ./buildIpxe TRUST=/var/www/fog/management/other/ca.cert.pem + cd /root/projects/ipxe/ipxe-bios + [[ -z '' ]] + git pull Already up-to-date. + cd /root/projects/ipxe/ipxe-bios/src/ ++ nproc + make -j 8 bin/ipxe.iso bin/undionly.pxe bin/undionly.kpxe bin/undionly.kkpxe bin/ipxe.pxe bin/ipxe.kpxe bin/ipxe.kkpxe bin/intel.pxe bin/intel.kpxe bin/intel.kkpxe bin/realtek.pxe bin/realtek.kpxe bin/realtek.kkpxe bin/ipxe.lkrn EMBED=ipxescript TRUST=/var/www/fog/management/other/ca.cert.pem [DEPS] image/embedded.c [BUILD] bin/embedded.o [AR] bin/blib.a ar: creating bin/blib.a [VERSION] bin/version.ipxe.lkrn.o [VERSION] bin/version.undionly.pxe.o [VERSION] bin/version.undionly.kpxe.o [VERSION] bin/version.undionly.kkpxe.o [VERSION] bin/version.ipxe.pxe.o [VERSION] bin/version.ipxe.kpxe.o [VERSION] bin/version.ipxe.kkpxe.o [VERSION] bin/version.intel.pxe.o [VERSION] bin/version.intel.kpxe.o [VERSION] bin/version.intel.kkpxe.o [VERSION] bin/version.realtek.pxe.o [VERSION] bin/version.realtek.kpxe.o [VERSION] bin/version.realtek.kkpxe.o [LD] bin/ipxe.lkrn.tmp [LD] bin/undionly.pxe.tmp [LD] bin/undionly.kpxe.tmp [LD] bin/undionly.kkpxe.tmp [LD] bin/ipxe.pxe.tmp [LD] bin/ipxe.kpxe.tmp [LD] bin/ipxe.kkpxe.tmp [LD] bin/intel.pxe.tmp [LD] bin/intel.kpxe.tmp [LD] bin/intel.kkpxe.tmp [LD] bin/realtek.pxe.tmp [LD] bin/realtek.kpxe.tmp [BIN] bin/undionly.pxe.bin [LD] bin/realtek.kkpxe.tmp [ZINFO] bin/undionly.pxe.zinfo [BIN] bin/undionly.kpxe.bin [ZINFO] bin/undionly.kpxe.zinfo [ZINFO] bin/undionly.kkpxe.zinfo [BIN] bin/undionly.kkpxe.bin [BIN] bin/intel.pxe.bin [ZINFO] bin/intel.pxe.zinfo [BIN] bin/intel.kpxe.bin [ZINFO] bin/intel.kpxe.zinfo [BIN] bin/intel.kkpxe.bin [ZINFO] bin/intel.kkpxe.zinfo [BIN] bin/realtek.pxe.bin [ZINFO] bin/realtek.pxe.zinfo [BIN] bin/realtek.kpxe.bin [ZINFO] bin/realtek.kpxe.zinfo [BIN] bin/ipxe.lkrn.bin [ZINFO] bin/ipxe.lkrn.zinfo [ZBIN] bin/undionly.pxe.zbin [ZBIN] bin/undionly.kpxe.zbin [ZBIN] bin/undionly.kkpxe.zbin [ZBIN] bin/intel.pxe.zbin [ZBIN] bin/intel.kpxe.zbin [ZBIN] bin/intel.kkpxe.zbin [ZBIN] bin/realtek.pxe.zbin [ZBIN] bin/realtek.kpxe.zbin [ZBIN] bin/ipxe.lkrn.zbin [FINISH] bin/undionly.pxe [FINISH] bin/undionly.kpxe [FINISH] bin/undionly.kkpxe [BIN] bin/ipxe.pxe.bin [BIN] bin/ipxe.kpxe.bin [ZINFO] bin/ipxe.pxe.zinfo [ZINFO] bin/ipxe.kpxe.zinfo [BIN] bin/ipxe.kkpxe.bin [ZINFO] bin/ipxe.kkpxe.zinfo [FINISH] bin/intel.pxe [FINISH] bin/intel.kpxe [BIN] bin/realtek.kkpxe.bin [ZINFO] bin/realtek.kkpxe.zinfo [ZBIN] bin/ipxe.pxe.zbin [ZBIN] bin/ipxe.kpxe.zbin [FINISH] bin/intel.kkpxe [ZBIN] bin/ipxe.kkpxe.zbin [FINISH] bin/realtek.pxe [ZBIN] bin/realtek.kkpxe.zbin [FINISH] bin/realtek.kpxe [FINISH] bin/realtek.kkpxe [FINISH] bin/ipxe.lkrn make: 'bin/ipxe.lkrn' is up to date. [GENISO] bin/ipxe.iso cp: missing destination file operand after 'bin/iso.dir.PVCdnQ' Try 'cp --help' for more information. genisoimage: Uh oh, I cant find the boot image 'isolinux.bin' ! [FINISH] bin/ipxe.pxe [FINISH] bin/ipxe.kpxe [FINISH] bin/ipxe.kkpxe rm bin/realtek.pxe.zbin bin/intel.pxe.zbin bin/realtek.pxe.bin bin/realtek.pxe.zinfo bin/ipxe.pxe.zinfo bin/ipxe.lkrn.zbin bin/version.intel.kkpxe.o bin/undionly.pxe.zbin bin/version.undionly.kpxe.o bin/intel.kkpxe.zbin bin/realtek.kpxe.zbin bin/undionly.kpxe.zinfo bin/realtek.kkpxe.bin bin/undionly.kkpxe.zbin bin/undionly.pxe.bin bin/realtek.kpxe.bin bin/version.undionly.pxe.o bin/intel.kkpxe.zinfo bin/ipxe.kpxe.bin bin/realtek.kpxe.zinfo bin/ipxe.kkpxe.zinfo bin/version.intel.pxe.o bin/undionly.kkpxe.bin bin/version.intel.kpxe.o bin/version.undionly.kkpxe.o bin/ipxe.kpxe.zbin bin/version.ipxe.pxe.o bin/intel.kpxe.bin bin/ipxe.pxe.zbin bin/realtek.kkpxe.zbin bin/version.ipxe.lkrn.o bin/ipxe.kkpxe.zbin bin/ipxe.pxe.bin bin/ipxe.lkrn.bin bin/version.ipxe.kpxe.o bin/ipxe.kpxe.zinfo bin/undionly.kkpxe.zinfo bin/undionly.pxe.zinfo bin/undionly.kpxe.bin bin/version.realtek.kkpxe.o bin/intel.kkpxe.bin bin/realtek.kkpxe.zinfo bin/intel.pxe.bin bin/intel.kpxe.zbin bin/version.realtek.pxe.o bin/ipxe.lkrn.zinfo bin/version.ipxe.kkpxe.o bin/intel.pxe.zinfo bin/undionly.kpxe.zbin bin/ipxe.kkpxe.bin bin/intel.kpxe.zinfo bin/version.realtek.kpxe.o + cp /root/projects/ipxe/ipxe-bios/src/bin/undionly.pxe /root/projects/ipxe/ipxe-bios/src/bin/undionly.kpxe /root/projects/ipxe/ipxe-bios/src/bin/undionly.kkpxe /root/projects/ipxe/ipxe-bios/src/bin/ipxe.pxe /root/projects/ipxe/ipxe-bios/src/bin/ipxe.kpxe /root/projects/ipxe/ipxe-bios/src/bin/ipxe.kkpxe /root/projects/ipxe/ipxe-bios/src/bin/intel.pxe /root/projects/ipxe/ipxe-bios/src/bin/intel.kpxe /root/projects/ipxe/ipxe-bios/src/bin/intel.kkpxe /root/projects/ipxe/ipxe-bios/src/bin/realtek.pxe /root/projects/ipxe/ipxe-bios/src/bin/realtek.kpxe /root/projects/ipxe/ipxe-bios/src/bin/realtek.kkpxe /root/fog/packages/tftp/ + cp /root/projects/ipxe/ipxe-bios/src/bin/ipxe.lkrn /root/fog/packages/tftp/ipxe.krn + cp /root/projects/ipxe/ipxe-bios/src/bin/ipxe.iso /root/fog/packages/tftp/ipxe.iso + cp /root/projects/ipxe/ipxe-bios/src/ipxescript /root/fog/src/ipxe/src/ipxescript + cp /root/projects/ipxe/ipxe-bios/src/config/general.h /root/fog/src/ipxe/src/config/general.h + cp /root/projects/ipxe/ipxe-bios/src/config/settings.h /root/fog/src/ipxe/src/config/settings.h + cp /root/projects/ipxe/ipxe-bios/src/config/console.h /root/fog/src/ipxe/src/config/console.h ++ nproc + make -j 8 bin/ipxe.iso bin/undionly.pxe bin/undionly.kpxe bin/undionly.kkpxe bin/ipxe.pxe bin/ipxe.kpxe bin/ipxe.kkpxe bin/intel.pxe bin/intel.kpxe bin/intel.kkpxe bin/realtek.pxe bin/realtek.kpxe bin/realtek.kkpxe bin/ipxe.lkrn EMBED=ipxescript10sec TRUST=/var/www/fog/management/other/ca.cert.pem make: *** No rule to make target 'ipxescript10sec', needed by 'bin/embedded.o'. Stop. + cp /root/projects/ipxe/ipxe-bios/src/bin/undionly.pxe /root/projects/ipxe/ipxe-bios/src/bin/undionly.kpxe /root/projects/ipxe/ipxe-bios/src/bin/undionly.kkpxe /root/projects/ipxe/ipxe-bios/src/bin/ipxe.pxe /root/projects/ipxe/ipxe-bios/src/bin/ipxe.kpxe /root/projects/ipxe/ipxe-bios/src/bin/ipxe.kkpxe /root/projects/ipxe/ipxe-bios/src/bin/intel.pxe /root/projects/ipxe/ipxe-bios/src/bin/intel.kpxe /root/projects/ipxe/ipxe-bios/src/bin/intel.kkpxe /root/projects/ipxe/ipxe-bios/src/bin/realtek.pxe /root/projects/ipxe/ipxe-bios/src/bin/realtek.kpxe /root/projects/ipxe/ipxe-bios/src/bin/realtek.kkpxe /root/fog/packages/tftp/10secdelay/ + cp /root/projects/ipxe/ipxe-bios/src/bin/ipxe.lkrn /root/fog/packages/tftp/10secdelay/ipxe.krn + cp /root/projects/ipxe/ipxe-bios/src/bin/ipxe.iso /root/fog/packages/tftp/10secdelay/ipxe.iso + cp /root/projects/ipxe/ipxe-bios/src/ipxescript10sec /root/fog/src/ipxe/src/ipxescript10sec cp: cannot stat '/root/projects/ipxe/ipxe-bios/src/ipxescript10sec': No such file or directory + cd /root/projects/ipxe/ipxe-efi + [[ -z '' ]] + git pull Already up-to-date. + cd /root/projects/ipxe/ipxe-efi/src/ ++ nproc + make -j 8 bin-i386-efi/snp.efi bin-i386-efi/snponly.efi bin-i386-efi/ipxe.efi bin-i386-efi/intel.efi bin-i386-efi/realtek.efi bin-x86_64-efi/snp.efi bin-x86_64-efi/snponly.efi bin-x86_64-efi/ipxe.efi bin-x86_64-efi/intel.efi bin-x86_64-efi/realtek.efi EMBED=ipxescript TRUST=/var/www/fog/management/other/ca.cert.pem [DEPS] image/embedded.c [DEPS] image/embedded.c [BUILD] bin-i386-efi/embedded.o [BUILD] bin-x86_64-efi/embedded.o [AR] bin-i386-efi/blib.a [AR] bin-x86_64-efi/blib.a ar: creating bin-i386-efi/blib.a ar: creating bin-x86_64-efi/blib.a [VERSION] bin-x86_64-efi/version.snp.efi.o [VERSION] bin-x86_64-efi/version.snponly.efi.o [VERSION] bin-x86_64-efi/version.ipxe.efi.o [VERSION] bin-x86_64-efi/version.realtek.efi.o [VERSION] bin-x86_64-efi/version.intel.efi.o [LD] bin-x86_64-efi/intel.efi.tmp [LD] bin-x86_64-efi/snp.efi.tmp [LD] bin-x86_64-efi/snponly.efi.tmp [LD] bin-x86_64-efi/ipxe.efi.tmp [LD] bin-x86_64-efi/realtek.efi.tmp [FINISH] bin-x86_64-efi/intel.efi [FINISH] bin-x86_64-efi/realtek.efi [FINISH] bin-x86_64-efi/snp.efi [FINISH] bin-x86_64-efi/snponly.efi [FINISH] bin-x86_64-efi/ipxe.efi rm bin-x86_64-efi/version.ipxe.efi.o bin-x86_64-efi/version.snponly.efi.o bin-x86_64-efi/version.snp.efi.o bin-x86_64-efi/version.realtek.efi.o bin-x86_64-efi/version.intel.efi.o [VERSION] bin-i386-efi/version.snp.efi.o [VERSION] bin-i386-efi/version.snponly.efi.o [VERSION] bin-i386-efi/version.ipxe.efi.o [VERSION] bin-i386-efi/version.intel.efi.o [VERSION] bin-i386-efi/version.realtek.efi.o [LD] bin-i386-efi/snponly.efi.tmp [LD] bin-i386-efi/snp.efi.tmp [LD] bin-i386-efi/ipxe.efi.tmp [LD] bin-i386-efi/intel.efi.tmp [LD] bin-i386-efi/realtek.efi.tmp [FINISH] bin-i386-efi/snp.efi [FINISH] bin-i386-efi/snponly.efi [FINISH] bin-i386-efi/realtek.efi [FINISH] bin-i386-efi/intel.efi [FINISH] bin-i386-efi/ipxe.efi rm bin-i386-efi/version.snp.efi.o bin-i386-efi/version.ipxe.efi.o bin-i386-efi/version.intel.efi.o bin-i386-efi/version.realtek.efi.o bin-i386-efi/version.snponly.efi.o + cp /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/snp.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/snponly.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/ipxe.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/intel.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/realtek.efi /root/fog/packages/tftp/i386-efi/ + cp /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/snp.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/snponly.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/ipxe.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/intel.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/realtek.efi /root/fog/packages/tftp/ + cp /root/projects/ipxe/ipxe-efi/src/ipxescript /root/fog/src/ipxe/src-efi/ipxescript + cp /root/projects/ipxe/ipxe-efi/src/config/general.h /root/fog/src/ipxe/src-efi/config/general.h + cp /root/projects/ipxe/ipxe-efi/src/config/settings.h /root/fog/src/ipxe/src-efi/config/settings.h + cp /root/projects/ipxe/ipxe-efi/src/config/console.h /root/fog/src/ipxe/src-efi/config/console.h ++ nproc + make -j 8 bin-i386-efi/snp.efi bin-i386-efi/snponly.efi bin-i386-efi/ipxe.efi bin-i386-efi/intel.efi bin-i386-efi/realtek.efi bin-x86_64-efi/snp.efi bin-x86_64-efi/snponly.efi bin-x86_64-efi/ipxe.efi bin-x86_64-efi/intel.efi bin-x86_64-efi/realtek.efi EMBED=ipxescript10sec TRUST=/var/www/fog/management/other/ca.cert.pem make[1]: *** No rule to make target 'ipxescript10sec', needed by 'bin-x86_64-efi/embedded.o'. Stop. Makefile.housekeeping:259: recipe for target 'bin-x86_64-efi/snp.efi' failed make: *** [bin-x86_64-efi/snp.efi] Error 2 make: *** Waiting for unfinished jobs.... make[1]: *** No rule to make target 'ipxescript10sec', needed by 'bin-i386-efi/embedded.o'. Stop. Makefile.housekeeping:259: recipe for target 'bin-i386-efi/snp.efi' failed make: *** [bin-i386-efi/snp.efi] Error 2 + cp /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/snp.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/snponly.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/ipxe.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/intel.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/realtek.efi /root/fog/packages/tftp/10secdelay/i386-efi/ + cp /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/snp.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/snponly.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/ipxe.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/intel.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/realtek.efi /root/fog/packages/tftp/10secdelay/ + cp /root/projects/ipxe/ipxe-efi/src/ipxescript10sec /root/fog/src/ipxe/src-efi/ipxescript10sec cp: cannot stat '/root/projects/ipxe/ipxe-efi/src/ipxescript10sec': No such file or directory
-
I’m sorry my script didn’t work out of the box for you. Remember, I have a totally separate environment, and I just tweaked things to generalize so you could attempt to use it.
Updated the script so that the copy commands should have no more problems.
Of note here, the script copy the files into the repo source. So to see the change, you would need to re-run the installer once done.
-
@tom-elliott said in Problem with HTTPS upgrade:
So to see the change, you would need to re-run the installer once done
I did reinstall after the script finished.
I dont think i have any of the 10sec stuff in my files tho.
Did you update the script below in the previous post?
-
@sbenson Yes, I updated the script below.
The script takes all of the information from the installation to copy over into the repo.
So your first steps would be to copy the necessary files.
Something like;
cp -r /root/fogproject/src/ipxe/src/* /root/ipxe/src/ cp -r /root/fogproject/src/ipxe/src-efi/* /root/ipxe-efi/src/
Then run the buildIpxe script. That should present the 10 second information properly too.
-
Ok, copied those over and got it compiled without any errors. Installed, and still gives the
https://10.63.76.44/fog/service/ipxe/boot.php… No such file or directory
EDIT: it says http:// let me hardcode the https://
-
-
@sebastian-roth said in Problem with HTTPS upgrade:
Can you access this URL from a browser?
Yes
#!ipxe set fog-ip 10.63.76.44 set fog-webroot fog set boot-url http://${fog-ip}/${fog-webroot} cpuid --ext 29 && set arch x86_64 || set arch i386 goto get_console :console_set colour --rgb 0x00567a 1 || colour --rgb 0x00567a 2 || colour --rgb 0x00567a 4 || cpair --foreground 7 --background 2 2 || goto MENU :alt_console cpair --background 0 1 || cpair --background 1 2 || goto MENU :get_console console --picture http://10.63.76.44/fog/service/ipxe/lbs-fog-bg.png --left 100 --right 80 && goto console_set || goto alt_console :MENU menu colour --rgb 0xff0000 0 || cpair --foreground 1 1 || cpair --foreground 0 3 || cpair --foreground 4 4 || item --gap Host is NOT registered! item --gap -- ------------------------------------- item fog.local Boot from hard disk item fog.memtest Run Memtest86+ item fog.reginput Perform Full Host Registration and Inventory item fog.reg Quick Registration and Inventory item fog.deployimage Deploy Image item fog.multijoin Join Multicast Session item fog.sysinfo Client System Information (Compatibility) choose --default fog.local --timeout 10000 target && goto ${target} :fog.local sanboot --no-describe --drive 0x80 || goto MENU :fog.memtest kernel memdisk initrd=memtest.bin iso raw initrd memtest.bin boot || goto MENU :fog.reginput kernel bzImage32 loglevel=4 initrd=init_32.xz root=/dev/ram0 rw ramdisk_size=127000 web=10.63.76.44/fog/ consoleblank=0 rootfstype=ext4 storage=10.63.76.44:/images/ storageip=10.63.76.44 loglevel=4 mode=manreg imgfetch init_32.xz boot || goto MENU :fog.reg kernel bzImage32 loglevel=4 initrd=init_32.xz root=/dev/ram0 rw ramdisk_size=127000 web=10.63.76.44/fog/ consoleblank=0 rootfstype=ext4 storage=10.63.76.44:/images/ storageip=10.63.76.44 loglevel=4 mode=autoreg imgfetch init_32.xz boot || goto MENU :fog.deployimage login params param mac0 ${net0/mac} param arch ${arch} param username ${username} param password ${password} param qihost 1 isset ${net1/mac} && param mac1 ${net1/mac} || goto bootme isset ${net2/mac} && param mac2 ${net2/mac} || goto bootme param sysuuid ${uuid} :fog.multijoin login params param mac0 ${net0/mac} param arch ${arch} param username ${username} param password ${password} param sessionJoin 1 isset ${net1/mac} && param mac1 ${net1/mac} || goto bootme isset ${net2/mac} && param mac2 ${net2/mac} || goto bootme param sysuuid ${uuid} :fog.sysinfo kernel bzImage32 loglevel=4 initrd=init_32.xz root=/dev/ram0 rw ramdisk_size=127000 web=10.63.76.44/fog/ consoleblank=0 rootfstype=ext4 storage=10.63.76.44:/images/ storageip=10.63.76.44 loglevel=4 mode=sysinfo imgfetch init_32.xz boot || goto MENU :bootme chain -ar http://10.63.76.44/fog/service/ipxe/boot.php##params || goto MENU autoboot
-
@sbenson Ok, we still have some URLs in non HTTPS style (and another one here) in the bootmenu generation PHP code. I am sure @Tom-Elliott will fix this soon.
EDIT: Tom just fixed it, you might want to upgrade to the latest
working
… -
THis isn’t a very common ask, but wouuld you mind switching the git branch to
working
with:git checkout working
?I’ve pushed up a hopeful fix to route the httpproto in use for the tftp call to also call the node it’s going to reference.
I do plan, in the near future, to add the ability to check/uncheck if a node is expecting to be used in https mode, though how to build the binaries with this in mind is a not simple.
-
@tom-elliott said in Problem with HTTPS upgrade:
git checkout working
Switched, Pulled, errored about changed, Deleted the packages dir, pulled.
Should I run buildIpxe?
-
@sbenson if you would like, please.
Though I’m going to imagine the pull failed to switch.
Try:
git reset --hard git checkout working git pull /root/buildIpxe TRUST=/var/www/fog/management/other/ca.cert.pem cd bin ./installfog.sh -y
-
@tom-elliott the whole problem is the -S, so i am guessing you want a -S in there too?
EDIT: Did not work still, and is listed as http:// not https:// so default.ipxe didn’t get changed
EDIT2: Hardcoded https in /tftpboot/default.ipxe. now it booting says https but still file not found -
@sbenson Open https://10.63.76.44/fog/service/ipxe/boot.php in your browser again and see if there are still http:// URLs or https:// now! Post the full output here if you would like us to have a look as well.
-
@sebastian-roth it’s all https now
-
@sbenson Please post the output and a picture of the error on screen as well. I am pretty sure there is something that we all overlook but might notice when we see listing and picture of the error.