srvpublic.crt has wrong IP

bballmcoe · Jan 3, 2024, 5:29 PM

Clients will PXE boot and accept the image fine. However, they are not joining the domain, and are not changing the hostname. Fog.log on a client shows that it cannot find srvpublic.crt
When I decode and view srvpublic.crt it has the IP address that the server had while I was building it. I did follow the process to change the IP. I did rerun the install.sh with the -recreateCA and -recreatekeys options. srvpublic.crt was overwritten but still has old IP. I don’t know if this is preventing the file from being found by the client, but I do see it in the correct directory /var/www/html/fog/management/other/ssl.

--------------------------------Authentication--------------------------------

1/3/2024 9:24 AM Client-Info Version: 0.11.5
1/3/2024 9:24 AM Client-Info OS: Windows
1/3/2024 9:24 AM Middleware::Authentication Waiting for authentication timeout to pass
1/3/2024 9:24 AM Middleware::Communication Download: http://fog.xxx.org/fog/management/other/ssl/srvpublic.crt
1/3/2024 9:24 AM Middleware::Communication ERROR: Could not download file
1/3/2024 9:24 AM Middleware::Communication ERROR: The request was aborted: Could not create SSL/TLS secure channel.
1/3/2024 9:24 AM Middleware::Authentication ERROR: Could not authenticate
1/3/2024 9:24 AM Middleware::Authentication ERROR: The system cannot find the file specified.

srvpublic.crt

Certificate Subject
Common Name (CN) 10.50.232.155 (Incorrect IP)
Certificate Issuer
Common Name (CN) FOG Server CA
Certificate Properties
Subject CN=xx.xx.232.155 (Incorrect IP)
Issuer CN=FOG Server CA
Valid From 2024-01-03 16:58:02
Valid To 2033-12-31 16:58:02
Key Size 4096 bits
Key Algorithm RSA
Sig. Algorithm sha256WithRSAEncryption
Serial Number 7B:87:31:FF:BC:1B:45:58:50:B3:5D:08:A8:70:96:63:8D:83:66:84 (705220820937184578402239102187179516367776999044)
Selected Certificate Extensions
SANs DNS:fog.xxx.org, IP:xx.xx.252.126 (correct IP)

bballmcoe · Jan 3, 2024, 6:53 PM

I should have started with: I recently built a new FOG server alongside the older production server, on a different IP. After the build and FOG install, I shutdown the old, and renamed/re-IP’d the new.

bballmcoe · Jan 4, 2024, 3:30 PM

@bballmcoe said in srvpublic.crt has wrong IP:

1/3/2024 9:24 AM Middleware::Communication Download: http://fog.xxx.org/fog/management/other/ssl/srvpublic.crt

One thing I just noticed:
1/3/2024 9:24 AM Middleware::Communication Download: http://fog.xxx.org/fog/management/other/ssl/srvpublic.crt
Should it be looking at https? I did run the installer to setup https/ssl If I can figure out how to change this I’ll give it a try.

bballmcoe · Jan 4, 2024, 4:59 PM

Found it in the client, settings.json, changed https = 1. Did not correct the issue, but it did cause the client to look at https://…

ITCC · Mar 27, 2025, 3:51 PM

Just came across the same issue, did you fix it?

srvpublic.crt has wrong IP

--------------------------------Authentication--------------------------------

209

12.1k

17.3k

155.3k