client server token issues.


  • Testers

    I am having issues with the latest working branch rev 64
    for some reason the client will no longer communicate with the server, I get the following in the fog.log

    ------------------------------------------------------------------------------
    --------------------------------Authentication--------------------------------
    ------------------------------------------------------------------------------
     10/17/2017 1:17 PM Client-Info Version: 0.11.12
     10/17/2017 1:17 PM Client-Info OS:      Windows
     10/17/2017 1:17 PM Middleware::Authentication Waiting for authentication timeout to pass
     10/17/2017 1:17 PM Middleware::Communication Download: http://10fogserver/fog/management/other/ssl/srvpublic.crt
     10/17/2017 1:17 PM Data::RSA FOG Server CA cert found
     10/17/2017 1:17 PM Middleware::Authentication Cert OK
     10/17/2017 1:17 PM Middleware::Authentication ERROR: Could not get security token
     10/17/2017 1:17 PM Middleware::Authentication ERROR: Could not find file 'C:\Program Files (x86)\FOG\token.dat'.
     10/17/2017 1:17 PM Middleware::Communication POST URL: http://10fogserver/fog/management/index.php?sub=requestClientInfo&authorize&newService
     10/17/2017 1:17 PM Middleware::Response Failed to decrypt data
    
    

  • Testers

    @sebastian-roth I don’t know how that happened but I copied the srvpublic.crt from a backup and it is fixed.

    Thanks for all the help


  • Developer

    @Greg-Plamondon said:

    ... srvpublic.crt
    notBefore=Oct 17 16:56:23 2017 GMT
    ...
    

    Fairly recently?!?


  • Testers

    @sebastian-roth said in client server token issues.:

    openssl x509 -dates -noout -in /var/www/fog/management/other/ssl/srvpublic.crt
    openssl x509 -dates -noout -in /var/www/fog/management/other/ca.cert.pem

    root@10fogserver:~ $ openssl x509 -dates -noout -in /var/www/fog/management/other/ssl/srvpublic.crt
    notBefore=Oct 17 16:56:23 2017 GMT
    notAfter=Oct 15 16:56:23 2027 GMT
    root@10fogserver:~ $ openssl x509 -dates -noout -in /var/www/fog/management/other/ca.cert.pem
    notBefore=Jul 19 22:30:11 2016 GMT
    notAfter=Jul 17 22:30:11 2026 GMT
    

  • Developer

    @Greg-Plamondon Ok, just wanted to make sure time is not an issue. Please run the following commands on the FOG server terminal and post output here:

    openssl x509 -dates -noout -in /var/www/fog/management/other/ssl/srvpublic.crt
    openssl x509 -dates -noout -in /var/www/fog/management/other/ca.cert.pem
    

  • Testers

    @sebastian-roth The times are synced with 0.pool.ntp.org and are spot on.
    This installation is atleast 2-3 years old


  • Developer

    @Tom-Elliott Ok, just had a look at the PCAP (thanks for that!). Looks like the client does send “proper looking” data but the server is not able to handle it.

    @Greg-Plamondon Possibly that’s because client and server time differ too much? Please check to see if those match up (at the most ten seconds difference).

    Is this a fairly new install (certs created when?) or an old one?


  • Developer

    @Tom-Elliott Could we possibly can get a tcpdump of the traffic when this happens? Just run sudo tcpdump -w /tmp/client-foo.pcap host x.x.x.x


  • Senior Developer

    Nope. Nothing. I’ve been working with Greg most of the day on this. His last working version was 57 (67cd9e). However, this issue still occurs on this version as well, now.


  • Developer

    Moved to bug reports as it looks like an issue on the server side from what I see so far. Thanks for reporting. We’ll look into this soon.

    @Tom-Elliott Something that changed in the PHP code that could cause this?


 

370
Online

41.7k
Users

12.2k
Topics

115.1k
Posts