Apache2 restart failed after trunk update
-
trunk 4909
Was able to update node without issue. When I update master to 4909 it wont allow Apache2 to restart. Reboot doesn’t help. Any ideas?
-
Also rolled back and tried it again and it did the same thing.
-
Getting the following which led me to do this in the first place:
Was getting cert errors on some clients.
-
@Psycholiquid Edit your /opt/fog/.fogsettings file.
Remove the sslpath= line.
Update the svn/git folder from the base path.
Reinstall, should be fixed.
Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.
Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)
Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG
-
@Tom-Elliott Trying now.
-
@Tom-Elliott Worked like a champ, thank you as always
-
Now getting this from all clients:
2/29/2016 6:19 PM Middleware::Communication Response: Invalid host certificate 2/29/2016 6:19 PM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 2/29/2016 6:19 PM Data::RSA FOG Server CA cert found 2/29/2016 6:19 PM Middleware::Authentication Cert OK 2/29/2016 6:19 PM Middleware::Communication POST URL: http://fog-server/fog/management/index.php?sub=authorize 2/29/2016 6:20 PM Middleware::Communication Response: Success 2/29/2016 6:20 PM Middleware::Authentication Authenticated 2/29/2016 6:20 PM Middleware::Communication URL: http://fog-server/fog/service/jobs.php?mac=B6:AE:2B:EB:6E:CD|00:0A:CD:2A:4D:A6|B4:AE:2B:EB:6F:CC|B4:AE:2B:EB:6F:CD||00:00:00:00:00:00:00:E0&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1 2/29/2016 6:20 PM Middleware::Communication Response: Invalid host certificate 2/29/2016 6:20 PM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 2/29/2016 6:20 PM Data::RSA FOG Server CA cert found 2/29/2016 6:20 PM Middleware::Authentication Cert OK 2/29/2016 6:20 PM Middleware::Communication POST URL: http://fog-server/fog/management/index.php?sub=authorize 2/29/2016 6:20 PM Middleware::Communication Response: Success 2/29/2016 6:20 PM Middleware::Authentication Authenticated 2/29/2016 6:20 PM Middleware::Communication URL: http://fog-server/fog/service/jobs.php?mac=B6:AE:2B:EB:6E:CD|00:0A:CD:2A:4D:A6|B4:AE:2B:EB:6F:CC|B4:AE:2B:EB:6F:CD||00:00:00:00:00:00:00:E0&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1 2/29/2016 6:20 PM Middleware::Communication Response: Invalid host certificate 2/29/2016 6:20 PM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 2/29/2016 6:20 PM Data::RSA FOG Server CA cert found 2/29/2016 6:20 PM Middleware::Authentication Cert OK 2/29/2016 6:20 PM Middleware::Communication POST URL: http://fog-server/fog/management/index.php?sub=authorize 2/29/2016 6:20 PM Middleware::Communication Response: Success 2/29/2016 6:20 PM Middleware::Authentication Authenticated 2/29/2016 6:20 PM Middleware::Communication URL: http://fog-server/fog/service/jobs.php?mac=B6:AE:2B:EB:6E:CD|00:0A:CD:2A:4D:A6|B4:AE:2B:EB:6F:CC|B4:AE:2B:EB:6F:CD||00:00:00:00:00:00:00:E0&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1``` -
A little cleaner error:
------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 2/29/2016 4:45 PM Client-Info Version: 0.9.11 2/29/2016 4:45 PM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 2/29/2016 4:45 PM Data::RSA FOG Server CA cert found 2/29/2016 4:45 PM Data::RSA ERROR: Certificate validation failed 2/29/2016 4:45 PM Data::RSA ERROR: Trust chain did not complete to the known authority anchor. Errors: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. (NotTimeValid) 2/29/2016 4:45 PM Middleware::Authentication ERROR: Could not authenticate 2/29/2016 4:45 PM Middleware::Authentication ERROR: Certificate is not from FOG CA 2/29/2016 4:45 PM Service Sleeping for 120 seconds 2/29/2016 4:46 PM Service Stop requested 2/29/2016 4:46 PM Bus { "channel": "Status", "data": "{\r\n \"action\": \"unload\"\r\n}" } 2/29/2016 4:46 PM Bus Emmiting message on channel: Status 2/29/2016 4:46 PM Bus Became bus server 2/29/2016 4:46 PM Bus { "channel": "Status", "data": "{\r\n \"action\": \"load\"\r\n}" } 2/29/2016 4:46 PM Bus Emmiting message on channel: Status ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 2/29/2016 4:46 PM Client-Info Version: 0.9.11 2/29/2016 4:46 PM Middleware::Communication URL: http://fog-server/fog/management/other/ssl/srvpublic.crt 2/29/2016 4:46 PM Data::RSA FOG Server CA cert found 2/29/2016 4:46 PM Data::RSA ERROR: Certificate validation failed 2/29/2016 4:46 PM Data::RSA ERROR: Trust chain did not complete to the known authority anchor. Errors: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. (NotTimeValid) 2/29/2016 4:46 PM Middleware::Authentication ERROR: Could not authenticate 2/29/2016 4:46 PM Middleware::Authentication ERROR: Certificate is not from FOG CA 2/29/2016 4:46 PM Service Sleeping for 120 seconds``` -
You have to use the same CA when re-installing the fog server. The new FOG Client absolutely will not trust any server that doesn’t authenticate properly.
What it sounds like is a new one was generated, or it could be some trivial path/location bug…
I keep a backup of my CA on a flash drive - encrypted, and behind a locked door.
Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
Daily Clean Installation Results:
https://fogtesting.fogproject.us/
FOG Reporting:
https://fog-external-reporting-results.fogproject.us/ -
@Wayne-Workman So if I rolled back and made a backup of the file then followed Tom’s instructions. Replaced the file after the upgrade should that resolve it?
-
@Wayne-Workman Also where is the cert located in the OS?
-
I’m assuming this is the cert? /fog/management/other/ssl/srvpublic.crt
-
@Psycholiquid you need the CA. The certs are actually regenerated on every install, to my understanding.
Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
Daily Clean Installation Results:
https://fogtesting.fogproject.us/
FOG Reporting:
https://fog-external-reporting-results.fogproject.us/ -
So I’m lost I need it to regenerate or I need to replace with the backed up one
-
@Psycholiquid validity period, can you make sure the windows and fog servers are matching with their time? As you do tend to rely on snapshots of course.
-
@Wayne-Workman ca and private key is not regenerated every install, just the csr and public cert.
Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.
Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)
Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG
-
@Tom-Elliott That’s what I meant.
-
OK so what would I need to do to resolve this. I am in another state trying to get the node working so I dont have to touch every machine but cant due to this.
-
I mean I could roll back but I would rather move forward. The times seem to be just fine so far as I can tell. but my server is being slammed now due to bad requests.
-
Just verified the dates and times are matching perfectly
