FOG Client Private Key not readable
-
Hello,
on a manually installed notebook no communication between Fog Client and Fog Server is possible. The following error messages appear in the Fog Client log:
Start of Log:
06.04.2021 11:37:52 Middleware::Communication URL: http://10.70.7.10/fog/management/index.php?sub=requestClientInfo&configure&newService&json
06.04.2021 11:37:52 Middleware::Response Success
06.04.2021 11:37:52 Middleware::Communication URL: http://10.70.7.10/fog/management/index.php?sub=requestClientInfo&mac=74:78:27:2C:07:41|B0:7D:64:0C:CB:64|B0:7D:64:0C:CB:65|B2:7D:64:0C:CB:64|B0:7D:64:0C:CB:68&newService&json
06.04.2021 11:37:52 Middleware::Authentication Waiting for authentication timeout to pass
06.04.2021 11:37:52 Middleware::Communication Download: http://10.70.7.10/fog/management/other/ssl/srvpublic.crt
06.04.2021 11:37:52 Data::RSA FOG Server CA cert found
06.04.2021 11:37:52 Middleware::Authentication Cert OK
06.04.2021 11:37:52 Middleware::Authentication No token found at C:\Program Files (x86)\FOG\token.dat, this is expected if the client has not authenticated before
06.04.2021 11:37:52 Middleware::Authentication ERROR: Could not get security token
06.04.2021 11:37:52 Middleware::Authentication ERROR: Die Datei “C:\Program Files (x86)\FOG\token.dat” konnte nicht gefunden werden.
06.04.2021 11:37:52 Middleware::Communication POST URL: http://10.70.7.10/fog/management/index.php?sub=requestClientInfo&authorize&newService
06.04.2021 11:37:52 Middleware::Response Private key not readable
06.04.2021 11:37:52 Middleware::Response Success
06.04.2021 11:37:52 Middleware::Communication URL: http://10.70.7.10/fog/service/getversion.php?clientver&newService&json
06.04.2021 11:37:53 Middleware::Communication URL: http://10.70.7.10/fog/service/getversion.php?newService&json06.04.2021 11:37:53 Service Creating user agent cache
06.04.2021 11:37:53 Middleware::Response ERROR: Unable to get subsection
06.04.2021 11:37:53 Middleware::Response ERROR: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
06.04.2021 11:37:53 Middleware::Response ERROR: Unable to get subsection
06.04.2021 11:37:53 Middleware::Response ERROR: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
06.04.2021 11:37:53 Middleware::Response ERROR: Unable to get subsection
06.04.2021 11:37:53 Middleware::Response ERROR: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
---------------------------------ClientUpdater--------------------------------
06.04.2021 11:37:53 Client-Info Client Version: 0.12.0
06.04.2021 11:37:53 Client-Info Client OS: Windows
06.04.2021 11:37:53 Client-Info Server Version: 1.5.9
06.04.2021 11:37:53 Middleware::Response Success
----------------------------------TaskReboot----------------------------------
06.04.2021 11:37:53 Client-Info Client Version: 0.12.0
06.04.2021 11:37:53 Client-Info Client OS: Windows
06.04.2021 11:37:53 Client-Info Server Version: 1.5.9
06.04.2021 11:37:53 Middleware::Response ERROR: Unable to get subsection
06.04.2021 11:37:53 Middleware::Response ERROR: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
--------------------------------HostnameChanger-------------------------------
06.04.2021 11:37:53 Client-Info Client Version: 0.12.0
06.04.2021 11:37:53 Client-Info Client OS: Windows
06.04.2021 11:37:53 Client-Info Server Version: 1.5.9
06.04.2021 11:37:53 Middleware::Response ERROR: Unable to get subsection
06.04.2021 11:37:53 Middleware::Response ERROR: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
---------------------------------SnapinClient---------------------------------
06.04.2021 11:37:53 Client-Info Client Version: 0.12.0
06.04.2021 11:37:53 Client-Info Client OS: Windows
06.04.2021 11:37:53 Client-Info Server Version: 1.5.9
06.04.2021 11:37:53 Middleware::Response ERROR: Unable to get subsection
06.04.2021 11:37:53 Middleware::Response ERROR: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.END of Log
What can i do here?
FOG Server Version:
1.5.9 with local Storage Node, no NAS! -
@johannesd said in FOG Client Private Key not readable:
Private key not readable
First go to the FOG web UI and check the storage nodes’ setting SSL Path. Default is
/opt/fog/snapins/ssl. Did you change that setting? If not then runls -al /opt/fog/snapins/ssl/.srvprivate.keyto see what access rights are set for this file. -
@sebastian-roth Hello, i dont change the SSL Path.
When i run the Command it shows:
-rw------- 1 root root 3247 Dez 29 14:32 /opt/fog/snapins/ssl/.srvprivate.key -
@johannesd How did this file get created?
It doesn’t seem to have the correct permissions. First, it’s blocked off as only owner can read and write to it. (-rw-------) and that means ONLY root can do such a thing.
While permissions directly shouldn’t be an issue, the owner most likely is as a web request is what’s providing information. So basically, your FOG Client is polling for the certificate and one cannot be read.
You can fix this a multitude of ways, though I would start with the most restrictive set first:
From the fog server, ssh
sudo chown fogproject:apache /opt/fog/snapins/ssl/.srvprivate.key(If using Ubuntu change apache to www-data)If this still doesn’t work, I’d at least suggest rwxr-x— permissions:
sudo chmod 750 /opt/fog/snapins/ssl/.srvprivate.keyIf neither of these seem to work then you can try ensuring configuration is set for the folder and rwxrwxrwx for all files in the folder with:
sudo chown -R fogproject:apache /opt/fogsnapins/ssl
sudo chmod -R 777 /opt/fog/snapins/ssl(Again cahnge apache with www-data if running Ubuntu/Debian variant.
-
The FOG Server was installed not special like 10 others in our enviroment…
Works now after running:
sudo chmod 750 /opt/fog/snapins/ssl/.srvprivate.keyThanks a lot!
