Fog-Client certificat error

NoIPName

Hello everyone,

After the costume CA, everything is good about deploy and capture (with reboot) but i tried join domain and rename option and that not work for me

After very much research on the issue i can’t understand how this work because i double/triple check my :
ca.cert.pem
srvpublic.crt
.srvprivate.key

Everything is correct for me !

But in the log of fog-client i have this error :

/10/2024 14:45:24 Client- Info Version: 0.13.0
/10/2024 14:45:24 Client-Info OS:
Windows
/10/2024 14:45:24 Middleware:: Authentication Waiting for authentication timeout to pass
/10/2024
14:47:24 Middleware: :Communication Download:
https://fog.test.com/fog/management/other/ssl/srvpublic.crt
/10/2024 14:47:24 Data:: RSA ERROR: Certificate validation failed
/10/2024 14:47:24 Data::RSA ERROR: Trust chain did not complete to the known authority anchor. Thumbprints did not match.
/10/2024 14:47:24 Middleware:: Authentication ERROR: Could not authenticate
/10/2024 14:47:24 Middleware:: Authentication ERROR: Certificate is not from FOG CA
/10/2024 14:47:24 Client-Info ERROR: Failed to authenticate, will not run Module Looper.

I tried to understant where the fog-client request the fog.ca.cer and ca.cert in installation folder of fog
I check also in : /opt/fog/snapins/ssl and /opt/fog/snapins/ssl/CA

May i need to change in /opt/fog/snapins/ssl/CA the pem and key content or i miss something when i rebuild my custom CA ???

Thanks you

NoIPName

@NoIPName

I found a solution for this problem:

Apache2 dont care which SSL certificat you use, so you can use another path for your Custom CA on the website
So logicaly you can keep your intern Fog certificat and dont change it :

• /var/www/html/fog/management/other/ca.cert.pem
• /var/www/html/fog/management/other/ssl/srvpublic.crt
• /opt/fog/snapins/ssl/.srvprivate.key

But you need to recompile the iPXE file for the boot PXE

After that you can check with your fog-client can comunicate with Fog server