SOLVED 6303, 6333 Fog- Failed to download CA certificate error when trying to install client, only on some pcs

  • Hi guys,

    Strange issue here. Wasn’t sure to post this here or in developers/bug reports, so apologies if this is the wrong section.

    I have a few computers that I am trying to manually install the fog client on (by browsing to the URL http://<my fog server ip>/fog/client and downloading the MSI, and installing it). On most computers it works perfectly, but on a couple I cannot install the client.

    *I get a ‘failed to download CA certificate’ pop up message from the installer.
    *In fog.log on the client, it has these lines:

    PM RegistryHandler 64 bit registry detected
    PM Middleware::Communication URL: http://<my fog server ip>/fog/management/other/ca.cert.der
    PM Middleware::Communication ERROR: Could not download file
    PM Middleware::Communication ERROR: The underlying connection was closed: An unexpected error occurred on a receive

    On the fog server, there is nothing in the apache logs (access.log, error.log) to indicate there is a problem.

    The clients are on the same subnet as the fog server, and there are no firewalls turned on. From the client I can access / communicate with the fog server perfectly- I can ping it, I can browse to the web interface, and if I past the URL from the fog.log file into a browser I can successfully download the cert.

    I can even manually install the cert without a problem.
    I am only working with IP addresses at the moment, so there is no DNS involved that could be causing the issue.

    Client machines are running Windows 10 Pro x64. Fog server is running on Ubuntu LTS 14.04

    Basically, it is like everything works perfectly, but not when the Fog Client installer is doing it (if that makes sense)

    Any thoughts?

  • I just had this issue as well - and it turned out to be my fault.

    In the setup it asks for server and web info.

    I put the IP into both fields.

    I tried just putting the IP into the top server field and leaving the bottom web field alone.

    When I did that, it worked.

  • @Wayne-Workman

    Thanks for all your help. Thanks for the link too, I was hoping there was some more verbose debugging options for the client. I will try this out first thing next week and post back.

  • Notifying @jbob about this because I can’t think of anything else right now, maybe he will.

    There, you can find the latest debugger version of the client. It’s named Debugger.exe

    Use that, and give us the logs and output so Jbob can review them - you might even find the problem yourself.

  • @Wayne-Workman

    All good points, but sadly I don;t think any of those are the issue either:

    -No anti-virus on these hosts yet (other than whatever Windows 10 ships with).
    -No IP address conflicts- Fog server has static IP outside of DHCP pool, and hosts get addresses via DHCP.
    -Unique hostnames all round (but as mentioned, purely working with IP addresses for now anyway).
    -In terms of different ports, I have sort of tried this already. The machines are Intel NUCs (so have both wired and wireless networking options). Have tried both wired and wireless options but there’s no difference.

    The machines themselves are identical Intel NUCs- ordered at the same time, same hardware config, even same bios version.

    I’ll keep investigating for now.

  • @mr626 is there any differences in antivirus on the different hosts? Can you try temporarily disabling antivirus and try again?

    Is it possible that the clients have an IP conflict? Is it possible that the FOG Server has an IP conflict? Can you double check to be sure? Are you sure the hosts have unique hostnames?

    Can you try a different network port with the troublesome hosts?

  • @Wayne-Workman

    Thanks for the reply. I certainly considered the ‘fat-fingered’ possibility, but this is not the case:

    1. I am very careful when I enter the IP address, and I double check it
    2. As mentioned, I can literally copy the URL from fog.log on the client (that contains the IP address I entered during client setup), paste it into a browser and it works perfectly.

    I’m really at a loss, but will keep investigating. Will pull latest trunk and try again.

    Edit: problem remains with latest Fog 6333

  • This has only happened to me in two circumstances. 1. I had forgotten to configure my firewall on FOG (which is not your case because sometimes it works). 2. I fat fingered/forgot to enter an IP address for the server.

    Pay special attention to not mis-type the IP when installing, and try again and let us know.
    Also I’d recommend updating to the latest - things change hourly (or more) in the FOG Trunk world.