SSL Certificate is only valid for IP address, not hostname



  • FOG 6152 via git, the SSL certificate is only valid for the IP address of the server, and not the hostname. I’m guessing it’s something in .fogsettings, because when I do an upgrade for a new version it always overwrites my config file in /etc/apache2/sites-enabled with ServerName [ip address] and I will add ServerAlias [hostname] and restart Apache. I found a command (./installfog.sh --recreate-CA --recreate-keys) that I believe would take care of my issue IF I could get the correct hostname configured, assuming in .fogsettings.

    .fogsettings below, I don’t see a hostname field there, so I’m not sure where that’s coming from.

    Start of FOG Settings

        ## Created by the FOG Installer
        ## Version: 6134
        ## Install time: Thu 28 Jan 2016 08:51:19 PM EST
    
        ipaddress='12.34.56.78'
        interface='bond0'
        submask='255.255.255.0'
        routeraddress='#        option routers      x.x.x.x;'
        plainrouter=''
        dnsaddress='    option domain-name-servers      12.34.57.79;'
        dnsbootimage='12.34.58.97'
        password='hunter2'
        osid='2'
        osname='Debian'
        dodhcp='N'
        bldhcp='0'
        blexports='1'
        installtype='N'
        snmysqluser=''
        snmysqlpass=''
        snmysqlhost=''
        installlang='0'
        donate='1'
        storageLocation='/images'
        fogupdateloaded=1
        storageftpuser='fog'
        storageftppass='hunter2'
        docroot='/var/www/'
        webroot='fog/'
        caCreated='yes'
        startrange=''
        endrange=''
        bootfilename=''
        packages='apache2 php5 php5-json php5-gd php5-cli php5-curl mysql-server mysql-client tftpd-hpa tftp-hpa $
        noTftpBuild=''
        notpxedefaultfile=''
        ## End of FOG Settings
    

    Version: 6152

    Edit: Server does know it’s hostname, both cat /etc/hostname and the hostname command return “fog” which is the correct name on the network.

    Solution: host name can be put in the ipaddress field in .fogsettings



  • @Wayne-Workman Yeah, that’s why I’m trying to work out my issues now - this is a fresh upgrade on a new server (installed FOG on new hardware, then moved my snapins and database over). Only place I have the new client installed is on a new image I’m working on, so this is the time to get this worked out. Next I have to try and figure out why the old FOG clients aren’t auto-upgrading like I would have thought they would.


  • Moderator

    @apathetic_admin said:

    found a command (./installfog.sh --recreate-CA --recreate-keys) that I believe would take care of my issue IF I could get the correct hostname configured, assuming in .fogsettings.

    That’s a super dangerous command… very very dangerous.

    Imagine having 6,000 hosts with the FOG Client installed… and then suddenly NOT being able to control them through the FOG Client anymore… that’s what that command does.

    If the CA is created, but hosts are already deployed using the old one, you WILL loose control of those hosts, and to regain control, you must reinstall the FOG Client on each and every one of them.



  • @Tom-Elliott Thanks as always. You ever end up in Bloomington, IN I owe you a beer or twelve.


  • Senior Developer

    Edit the fogsettings file ipaddress variable to be the hostname your system has.


Log in to reply
 

393
Online

38711
Users

10542
Topics

99799
Posts

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.