Fog Server CA Download
-
Where does the client installer pull the Fog Server CA download its cert from when pinning the server?
My thumbprints are not matching with the cert installed. I have confirmed these 2 thumbprints match:
openssl x509 -noout -fingerprint -sha1 -inform pem -in /opt/fog/snapins/ssl/CA/.fogCA.pem
openssl x509 -noout -fingerprint -sha1 -inform pem -in /var/www/html/fog/management/other/ca.cert.pemBut when i look in the cert store of windows machine the Fog Server CA has a different thumbprint.
-
@cul3r0 Sorry I have not found the time to look into updating the wiki on this topic yet. Still on my list.
The fog-client pulls the file
/var/www/html/fog/management/other/ca.cert.der(see here in the fog-client code) - note the.derfile extension!Don’t ask me why it is done this way. This was created before I joined the team. It might be for a technical reason - possibly the DER format is the only one you can inject into the Windows cert store using .NET code easily or somthing else.
To convert your existing PEM CA cert to DER format use the following commands:
mv /var/www/html/fog/management/other/ca.cert.der /var/www/html/fog/management/other/ca.cert.der_orig openssl x509 -in /var/www/html/fog/management/other/ca.cert.pem -out /var/www/html/fog/management/other/ca.cert.der -outform DER -
@sebastian-roth If i am using a custom SSL Cert can we bypass it needed FOG Server CA to authenticate?
Implementing Custom SSL Cert has been a little bit of trouble. I’m soo close i can taste it. I can ipxe from machines. Machine takes the image. But then authenticating there to begin tasks is where i start having trouble.
-
How do you recompile your own client binaries? Is there documentation on that?
-
@sebastian-roth is there a way to keep track of open forums i’ve openned? I’m still having this trouble hoping someone could point me in the right direction.
-
@cul3r0 said in Fog Server CA Download:
is there a way to keep track of open forums i’ve openned?
Click your name to get to your profile. There you should find all your topics.
I’m still having this trouble hoping someone could point me in the right direction.
I will when I find the time. Keep your fingers crossed for this weekend.
-
@cul3r0 said in Fog Server CA Download:
How do you recompile your own client binaries? Is there documentation on that?
You can find information on all the tools and stuff you need in our github project readme though it’s kind of dated (older versions).
I have been quiet because I am looking into re-designing the whole thing to make it a lot easier. Please be patient a little longer.