Setting up trusted SSL certificate
-
@Sebastian-Roth
I found the tftp directory you specified in the rsync command in the packages folder in the fogproject code directory.
After executing the commands I am still stuck with the same problem.
-
@Malte-Will said in Setting up trusted SSL certificate:
After executing the commands I am still stuck with the same problem.
What was the output of the second command?? Any errors??
-
@Sebastian-Roth
I got no error messages by executing the commands.
This is the output of the buildscript: output.txt
This is the output from rsync: rsync-out.txt
Am I missing anything?
-
@Malte-Will Hmmm, my fault, sorry!!
The command
./buildipxe.sh /path/to/your/wildcard/certificate.pem
should have been
./buildipxe.sh /path/to/the/CA/cert/of/your/wildcard/certificate.pem
What that means is, you need to compile iPXE with the certificate authority’s (CA) certificate included that was used to sign your wildcard cert. If you don’t know what that means you might want to tell us more about where you got the certificate from.
One more thing I missed to tell you. In case you want to use the fog-client software as well you will run into issues with your custom certificate. If you need to know more about this, I can give you the details.
-
@Sebastian-Roth
I tried compiling iPXE with our CA’s certificate but still got the same result.
We got two certificates in the cert-file, is that a problem?
-
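Added example (not part of any post in this thread): when a PEM file holds more than one certificate, as asked above, these functions split it and report which of its certificates issued the server certificate, which is the CA certificate the corrected build command is meant to receive. It assumes `openssl` and `awk` are installed; the function names and the `chain.pem` / `server.pem` file names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example, not from the thread. File and function names are assumptions.
# Usage: split_pem_bundle chain.pem ./certs && find_issuer_cert server.pem ./certs

# Write every certificate in bundle $1 to $2/cert-NN.pem and print how many
# were found. Text outside BEGIN/END markers is ignored.
split_pem_bundle() {
  mkdir -p "$2"
  awk -v dir="$2" '
    /-----BEGIN CERTIFICATE-----/ { n++; out = sprintf("%s/cert-%02d.pem", dir, n) }
    out != ""                     { print > out }
    /-----END CERTIFICATE-----/   { close(out); out = "" }
    END                           { print n + 0 }
  ' "$1"
}

# Print one distinguished name of certificate $2; $1 is "subject" or "issuer".
# The sed strips the "subject=" / "issuer=" label that openssl prints.
cert_name() {
  openssl x509 -in "$2" -noout "-$1" -nameopt RFC2253 | sed 's/^[a-z]*= *//'
}

# Print each split file in directory $2 whose subject equals the issuer of
# server certificate $1 AND whose key really verifies that certificate.
# -partial_chain lets an intermediate CA act as the trust anchor for this check.
find_issuer_cert() (
  want=$(cert_name issuer "$1")
  for f in "$2"/cert-*.pem; do
    [ "$(cert_name subject "$f")" = "$want" ] || continue
    if openssl verify -partial_chain -CAfile "$f" "$1" >/dev/null 2>&1; then
      echo "$f"
    fi
  done
)
```

If `find_issuer_cert` prints nothing, the file does not contain the certificate that signed the server certificate, and the CA certificate has to be obtained from the issuer instead.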
@Malte-Will From what I see I think you should use the Intermediate #2 certificate found here: https://support.comodo.com/index.php?/Knowledgebase/Article/View/978/108/organization-validation-sha-2
(direct link)
-
@Sebastian-Roth
I solved the problem. In the end, the last thing I forgot was to change the IP of the FOG server to the FQDN in the iPXE file.
We also needed to set the WEB HOST setting in the FOG Configuration to the FQDN.
I checked the certificates you sent with the ones we have and verified that they are identical. Thanks for your help!
-
@Malte-Will said in Setting up trusted SSL certificate:
@Sebastian-Roth
I solved the problem. In the end, the last thing I forgot was to change the IP of the FOG server to the FQDN in the iPXE file.
Could you please explain in more detail, which iPXE file do you mean?
/opt/fog/.fogsettings first line?
ipaddress=…
We also needed to set the WEB HOST setting in the FOG Configuration to the FQDN.
Done.
My problem is that after my CA was changed and iPXE was rebuilt, iPXE is still trying to connect to the bare IP, not to the FQDN.
-
@sebastian-roth said in Setting up trusted SSL certificate:
One more thing I missed to tell you. In case you want to use the fog-client software as well you will run into issues with your custom certificate. If you need to know more about this, I can give you the details.
I’d love to know more details about this. Thank you.