SSL Certificate is only valid for IP address, not hostname
apathetic_admin last edited by apathetic_admin
FOG 6152 via git, the SSL certificate is only valid for the IP address of the server, and not the hostname. I’m guessing it’s something in .fogsettings, because when I do an upgrade for a new version it always overwrites my config file in /etc/apache2/sites-enabled with ServerName [ip address] and I will add ServerAlias [hostname] and restart Apache. I found a command (./installfog.sh --recreate-CA --recreate-keys) that I believe would take care of my issue IF I could get the correct hostname configured, assuming in .fogsettings.
.fogsettings below, I don’t see a hostname field there, so I’m not sure where that’s coming from.
Start of FOG Settings
## Created by the FOG Installer ## Version: 6134 ## Install time: Thu 28 Jan 2016 08:51:19 PM EST ipaddress='220.127.116.11' interface='bond0' submask='255.255.255.0' routeraddress='# option routers x.x.x.x;' plainrouter='' dnsaddress=' option domain-name-servers 18.104.22.168;' dnsbootimage='22.214.171.124' password='hunter2' osid='2' osname='Debian' dodhcp='N' bldhcp='0' blexports='1' installtype='N' snmysqluser='' snmysqlpass='' snmysqlhost='' installlang='0' donate='1' storageLocation='/images' fogupdateloaded=1 storageftpuser='fog' storageftppass='hunter2' docroot='/var/www/' webroot='fog/' caCreated='yes' startrange='' endrange='' bootfilename='' packages='apache2 php5 php5-json php5-gd php5-cli php5-curl mysql-server mysql-client tftpd-hpa tftp-hpa $ noTftpBuild='' notpxedefaultfile='' ## End of FOG Settings
Edit: Server does know it’s hostname, both cat /etc/hostname and the hostname command return “fog” which is the correct name on the network.
Solution: host name can be put in the ipaddress field in .fogsettings
apathetic_admin last edited by
@Wayne-Workman Yeah, that’s why I’m trying to work out my issues now - this is a fresh upgrade on a new server (installed FOG on new hardware, then moved my snapins and database over). Only place I have the new client installed is on a new image I’m working on, so this is the time to get this worked out. Next I have to try and figure out why the old FOG clients aren’t auto-upgrading like I would have thought they would.
Wayne Workman last edited by
found a command (./installfog.sh --recreate-CA --recreate-keys) that I believe would take care of my issue IF I could get the correct hostname configured, assuming in .fogsettings.
That’s a super dangerous command… very very dangerous.
Imagine having 6,000 hosts with the FOG Client installed… and then suddenly NOT being able to control them through the FOG Client anymore… that’s what that command does.
If the CA is created, but hosts are already deployed using the old one, you WILL loose control of those hosts, and to regain control, you must reinstall the FOG Client on each and every one of them.
apathetic_admin last edited by
@Tom-Elliott Thanks as always. You ever end up in Bloomington, IN I owe you a beer or twelve.
Edit the fogsettings file ipaddress variable to be the hostname your system has.