• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    Change Server but not change certificate

    Scheduled Pinned Locked Moved
    FOG Problems
    4
    18
    4.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Sebastian Roth Moderator
      last edited by Sebastian Roth

      @danilopinotti Please run the following commands:

      openssl rsa -modulus -noout -in /opt/fog/snapins/ssl/.srvprivate.key | openssl md5
openssl x509 -modulus -noout -in /var/www/fog/management/other/ssl/srvpublic.crt | openssl md5

      The MD5 sums should match!

      Did you copy /opt/fog from the old to the new server and then ran the installer on the new server?

      Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

      Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

      D 1 Reply Last reply Reply Quote 0
      • D
        danilopinotti @Sebastian Roth
        last edited by

        @Sebastian-Roth
        Not match!
        I tried copy the fog.csr to new and run the script again. Not works too

        Att, Danilo Pinotti

        Fog 1.3.0-RC-7
        Ubuntu Server 14.04 LTS

        1 Reply Last reply Reply Quote 0
        • J
          Joe Schmitt Senior Developer
          last edited by Joe Schmitt

          If you copied over the root CA keys (it sounds like you did), run ./installfog.sh --recreate-keys

          Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

          D 2 Replies Last reply Reply Quote 0
          • D
            danilopinotti @Joe Schmitt
            last edited by

            @Jbob
            I’ve copied only /opt/fog/snapins/ssl/fog.csr of old to new and re-executed the script.
            It has something else to copy or some other procedure to work ?

            Att, Danilo Pinotti

            Fog 1.3.0-RC-7
            Ubuntu Server 14.04 LTS

            Tom ElliottT 1 Reply Last reply Reply Quote 0
            • Tom ElliottT
              Tom Elliott @danilopinotti
              last edited by

              @danilopinotti You need to copy the whole of the SSL folder.

              If /opt/fog/snapins/ssl contains .srvprivate.key and the CA folder and fog.csr, why not just copy the WHOLE folder?

              For example:

              scp -r /opt/fog/snapins/ssl/* fog-server:/opt/fog/snapins/ssl/

              Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

              Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

              Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

              D 1 Reply Last reply Reply Quote 1
              • D
                danilopinotti @Tom Elliott
                last edited by

                @Tom-Elliott not works!
                The same error appears:

                [Mon Mar 21 18:05:51.390582 2016] [ssl:emerg] [pid 27939] AH02565: Certificate and private key 172.20.1.251:443:0 from /var/www/fog/management/other/ssl/srvpublic.crt and /opt/fog/snapins/ssl/.srvprivate.key do not match
AH00016: Configuration Failed

                Att, Danilo Pinotti

                Fog 1.3.0-RC-7
                Ubuntu Server 14.04 LTS

                Tom ElliottT 1 Reply Last reply Reply Quote 0
                • Tom ElliottT
                  Tom Elliott @danilopinotti
                  last edited by

                  @danilopinotti So your main server is also having issues?

                  Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                  Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                  Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                  D 1 Reply Last reply Reply Quote 0
                  • D
                    danilopinotti @Tom Elliott
                    last edited by

                    @Tom-Elliott said:

                    So your main server is also having issues?

                    My old server works perfectly.

                    Att, Danilo Pinotti

                    Fog 1.3.0-RC-7
                    Ubuntu Server 14.04 LTS

                    Tom ElliottT 1 Reply Last reply Reply Quote 0
                    • Tom ElliottT
                      Tom Elliott @danilopinotti
                      last edited by

                      @danilopinotti After copying the files are you re-running the installer on the place you copied it to?

                      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                      Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                      Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                      1 Reply Last reply Reply Quote 0
                      • D
                        danilopinotti @Joe Schmitt
                        last edited by danilopinotti

                        @Jbob said:

                        If you copied over the root CA keys (it sounds like you did), run ./installfog.sh --recreate-keys

                        With this argument it will take advantage of the old scripts or create new keys?

                        Att, Danilo Pinotti

                        Fog 1.3.0-RC-7
                        Ubuntu Server 14.04 LTS

                        Tom ElliottT 1 Reply Last reply Reply Quote 0
                        • Tom ElliottT
                          Tom Elliott @danilopinotti
                          last edited by

                          @danilopinotti It will use the old CA to generate a new Private key.

                          Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                          Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                          Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                          D 1 Reply Last reply Reply Quote 0
                          • D
                            danilopinotti @Tom Elliott
                            last edited by

                            @Tom-Elliott said:

                            It will use the old CA to generate a new Private key.

                            In that case I’ll have to reinstall the client on all computers again?

                            Att, Danilo Pinotti

                            Fog 1.3.0-RC-7
                            Ubuntu Server 14.04 LTS

                            Tom ElliottT 1 Reply Last reply Reply Quote 0
                            • Tom ElliottT
                              Tom Elliott @danilopinotti
                              last edited by

                              @danilopinotti No. The ca.cert.der and ca.cert.pem files should be identical to what your clients already have.

                              The clients will need to reget the srvpublic.crt file (which they’ll do automatically anyway). This is checked very pass where the encryption key is no longer valid and on initial authentication.

                              Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                              Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                              Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                              D 1 Reply Last reply Reply Quote 0
                              • D
                                danilopinotti @Tom Elliott
                                last edited by

                                @Tom-Elliott
                                So I will not have to redo the settings in clients?

                                Att, Danilo Pinotti

                                Fog 1.3.0-RC-7
                                Ubuntu Server 14.04 LTS

                                Tom ElliottT 1 Reply Last reply Reply Quote 0
                                • Tom ElliottT
                                  Tom Elliott @danilopinotti
                                  last edited by

                                  @danilopinotti Correct.

                                  Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                                  Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                                  Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                                  1 Reply Last reply Reply Quote 0
                                  • 1 / 1
                                  • First post
                                    Last post

                                  209

                                  Online

                                  11.6k

                                  Users

                                  17.1k

                                  Topics

                                  154.6k

                                  Posts
                                  Copyright © 2012-2024 FOG Project