Solved https boot.php cannot be found
I have been working on migrating my internal tools over to HTTPS and got to the fog server yesterday. Not sure if it matters but I am using a wildcard letsencrypt certificate for my internal domain. The way I got fog switched over to https was by running the installer with this command ./installfog.sh --force-https which got the web GUI over to https and that works fine however the issue is that when clients attempt to PXE boot they gets this error.
I have verified the file exists and you can reach it at the address printed on the screen. I’m a little lost at this point, I’ve searched the forum for similar issues and the closest suggest I was able to find was to run the ./buildipxe.sh script which I believe runs as part of the installer now but I tried it anyway with no luck. And suggestions are greatly appreciated!
@andrewhancock91 Are you still keen to discuss this?
@andrewhancock91 I am on the road right now und will be for the next two weeks. Not easy to give you all the details not having my laptop with me.
First you should start by searching the forums for “https fog-client” and see if you can find my older posts about why this part is tricky. It’s not a no-go but it will need good planing and manual adjustment - could even compile your own custom fog-client package…
For switching back to HTTP for now you’d edit /opt/fog/.fogsettings file, find the line
httpproto=httpsand remove the “s” at the end of “https”. Save and re-run the installer. That should be it.
Make you read all you can find on this topic before diving into this again. If you have many hosts with fog-client installed and communicating to your current FOG server already you break this switching your apache config to a different certificate!
Feel free to ask here if you can’t find those forum topics.
Hello! The cert, key, and intermediate ca files all live in /root/certs. I don’t guess I realized there is a fog certificate directory. Where is it and would it help if I moved the files there instead.
Yes I do use the fog-client software, bummer that it wont’ work. That may be a deal breaker on going https.
Yep you can generate wildcard certs with letsencrypt, I do it using the dns-01 verification method which I think is the only way they let you.
I actually made a little progress on this, curl won’t recognize the letsencrypt cert using just the cert and key, you have to specific the intermediate ca file in the apache config as well which I have now done. Now instead of getting a no such file or directory error it says permissions denied. Still doesn’t work but that feels like progress at least!
If I wanted to take it back to http only can I do that without breaking all the things?
Not sure if it matters but I am using a wildcard letsencrypt certificate for my internal domain.
That definitely matters! Where did you put the certificate on your FOG server? Same paths as the cert and CA files generated by FOG?
Do you use the fog-client software? It won’t work with your letsencrypt certificate. By the way, is it even possible to generate wildcard certs with letsencrypt??