FOG-Client suddenly stopped working


  • FOG-Client suddenly stopped working this Year. Nothing was changed. Output of the Client fog.log:

    Middleware::Communication Download: https://<fogdomain>/fog/management/other/ssl/srvpublic.crt
    Middleware::Communication ERROR: Could not download file
    Middleware::Communication ERROR: Error: TrustFailure (Authentication failed, see inner exception.)
    

    On Windows it is working without problems.
    We have about 100 Linux Clients, is there a server solution without touching them all?

    Thanks in advance!

  • Senior Developer

    @kek said in FOG-Client suddenly stopped working:

    Middleware::Communication SSL certificate chain error: NotTimeValid

    Seems like you have a different issue here. Is the srvpublic.crt still valid?


  • I re-checked with my colleagues, not all clients have this Problem, just a few servers, so no problem to replace the Zazzles.dll, but with HTTPS, 1 in settings.json, (and newest 0.12.0 Version fog-client) we get:

    ------------------------------------------------------------------------------
    --------------------------------Authentication--------------------------------
    ------------------------------------------------------------------------------
     1/11/2021 12:34:34 PM Client-Info Version: 0.12.0
     1/11/2021 12:34:34 PM Client-Info OS:      Linux
     1/11/2021 12:34:34 PM Middleware::Authentication Waiting for authentication timeout to pass
     1/11/2021 12:34:34 PM Middleware::Communication Download: https://<fogdomain>/fog/management/other/ssl/srvpublic.crt
     1/11/2021 12:34:36 PM Data::RSA FOG Server CA cert found
     1/11/2021 12:34:36 PM Data::RSA ERROR: Certificate validation failed
     1/11/2021 12:34:36 PM Data::RSA ERROR: Trust chain did not complete to the known authority anchor. Errors: PartialChain (PartialChain)
     1/11/2021 12:34:36 PM Middleware::Communication SSL certificate chain error: NotTimeValid
     1/11/2021 12:34:36 PM Middleware::Communication ERROR: Could not download file
     1/11/2021 12:34:36 PM Middleware::Communication ERROR: Error: TrustFailure (Authentication failed, see inner exception.)
    

  • @sebastian-roth said in FOG-Client suddenly stopped working:

    It’s strange/interesting you get this error just now. Possibly a Mono update on your Linux systems??

    No we use a fixed Version of Mono (Mono Repository with specific Version specified), but can’t tell you at the moment what version we are using exactly. We did no Updates on both Server and Client.

    Maybe we can find the Problem, with the new Information provided. I will try to manually replace the Zazzles.dll on one Client just to see if it works. We also have an Internal Repository, we could update the Mono-Package and create a package for the FOG-Client. But because we Updating our Clients also via FOG-Client we still need to touch them all, but with this solution we have at least a GUI to Update.

  • Senior Developer

    @kek It’s not even been a whole year but I did not remember we had this error reported before - thanks to the memory of the fourms. It looks like there is an issue in the way Linux Mono is reading the certifcates from the store causing it to fail when matching the CA certificate to the one it loads from your FOG server.

    It’s strange/interesting you get this error just now. Possibly a Mono update on your Linux systems??

    Try the following fix: Download Zazzles.dll and put in /opt/fog-service/Zazzles.dll (rename the original one). Then stop and restart the fog-client or reboot the computer and check the logs.

    We have about 100 Linux Clients, is there a server solution without touching them all?

    Maybe there is. We could come up with a so called “post init” script that could deploy that DLL to selected hosts e.g. via a host inventory task. The hosts would need to PXE boot once to get this done.

    Or I might suggest you use clusterssh to install that fix to all your hosts in batches of 10 or more (depending on the size of screen you have).

    I would say test this first on a couple of hosts if it is actually fixing the issue for you and we’ll take it from there.

382
Online

7.8k
Users

14.8k
Topics

139.5k
Posts