Does FOG Support HTTPS Network boot and image installation
-
Is it possible to use IPXE HTTPS or UEFI HTTPS Network boot with Fog Project, because most of the communication or completely should be encrypted.
Or how do you have to configure this.
Unfortunately, I have not yet found any instructions in the documentation.
Of course, it is also necessary to import the certificates or install IPXE on the client side.
Perhaps I have overlooked something and would like some clarification.
It is possible to start the installation remotely once the device has been registered on the server, e.g. during an image update. Or do you have to physically access it every time. -
@michaelkoch1811 with the proper command line switches (sorry I can’t remember off the top of my head) the fog installer will create a self signed certificate, setup the web server and recompile ipxe with the ssl certificate. Then FOG will use ssl for communications. You can not bring your own certificate, it will need to be a fog installer created self signed certificate.
-
@george1421 That’s true if using the fog installer to handle it.
@michaelkoch1811 There are methods to rebuild the binaries using your own binaries of course.
in the fogproject folder (where you normally run an installer) there’s a file under:
utils/FOGiPXE
calledbuildipxe.sh
if you call this script with your <path/to/your/certificate.pem> it should build the ipxe binaries with your custom certificate.
./buildipxe.sh path/to/your/certificate.pem
By default it will try to use the CA pem we generated for FOG at install.