Client 11.9 Will not Install Fails at CA Certificates



  • Hello, long time user first time poster here. I’ve been using FOG 1.2.0 for some time now and recently learned about the new updates. I started with a fresh VM of Ubuntu 14.04 and downloaded and installed FOG 1.3.5 RC 1 without any problem. However, when I use the SmartInstaller to install the 11.9 client, it fails everytime saying “Unable to install CA Certificate.” I googled this problem and saw the most common issue with this error is people mistyping the IP of their server in the installer. I have quadruple checked and my IP is correct, I enter it in the xxx.xxx.xxx.xxx format without the http:// (I have also tried using the http://xxx.xxx.xxx.xxx to see if this made a difference, it didn’t.) Another user had the same issue where there were missing certificate files on their server. When I look at the files in the certificate directory, they all seem to be there. I know my next step is to use Debugger.exe, but I can’t find any documentation on how to run this in place of the SmartInstaller.



  • @x23piracy

    We have Kaspersky. Apparently the System Watcher module was blocking the client from communicating with the server. When this was disabled, the client installed. However, the Firewall module in Kaspersky also blocked tasks from the server to be executed on the client (remote shutdown for example). The bottom article might help other Kaspersky users, though we haven’t tried this yet as of this posting.

    https://support.kaspersky.com/7914



  • @jackiegl3350n said in Client 11.9 Will not Install Fails at CA Certificates:

    For future reference, our antivirus was blocking the application from communicating with the server.

    More details please, which antivirus product caused it, have you added an exclusion or how did you solve it?

    Regards X23


  • Senior Developer

    Well that would make a ton of sense.



  • For future reference, our antivirus was blocking the application from communicating with the server.


  • Senior Developer

    All seems to be working now.


  • Senior Developer

    Trying to hit up on chat, in hopes that I can help out.



  • @Tom-Elliott

    Both client and server are set to Eastern time and show exactly the same time right down to the second.

    I can’t find any log files on the client after running the installer.


  • Senior Developer

    @jackiegl3350n Is there any logs with any further information?

    I don’t know where, but I would think the C:\fog.log or even “zazzles.log (of which I don’t know where that would be at the moment)” that might have more useful information?

    I’ve seen error’s like this occur due to timing as well.

    For example, the FOG Server is set to local time, but the machine is set to pacific when it should be new york?

    This would cause a failure because the times don’t match one another. Essentially, it would make the client machine think the certs are no longer valid as the server is “ahead”.

    This can happen in reverse too I suppose.



  • @Tom-Elliott

    The 1.2.0 was at a previous company, this is the only FOG server here. The info is to the right of the cloud as it should be.

    Also, forgot to put ./ in front of installfog.sh, so that’s my bad, sorry.

    I was able to run the recreate keys command and still no luck.

    Ran the command with the -y parameter and still nothing.


  • Senior Developer

    From what I can tell, you currently have two versions of fog running on the same machine. Of course I can’t be sure.

    When you go to the GUI, do you see 1.2.0 in the cloud or do you see the version and datetime information to the right of the Cloud icon?

    To ensure all is okay, I might suggest:

    sudo mv /var/www/fog{,_back}
    sudo mv /var/www/html/fog{,_back}
    

    Then rerun the installer:

    (You should be able to use recreate-keys as well if you deem it necessary).

    ./installfog.sh -y --recreate-keys
    


  • @Joe-Schmitt

    These machines have never had the client on them before. They can also ping the server. When I tired to run your command above it says it couldn’t find it. Here’s a screenshot:
    alt text


  • Senior Developer

    @jackiegl3350n well that looks right. It’s definitely some configuration issue somewhere. I’m assuming the client wasn’t already installed on these machines? Could you also try issuing a key regeneration? (sudo installfog.sh --recreate-keys).




  • Senior Developer

    @jackiegl3350n Can I see a screenshot of the configuration page of the installer just to double check everything is correct? Feel free to PM me a link to it, if you don’t want to post it here.



  • @Joe-Schmitt

    I have tried Windows 7 Professional x64 and Windows 10 both have failed. I am able to download the certificate file by entering the address you mentioned.


  • Senior Developer

    @jackiegl3350n what OS are you trying to install the client on?

    Also you can test if the settings are right by opening http://{fog-address}{fog-webroot}/management/other/ca.cert.der, and replace {fog-address} with your fog server’s IP, and {fog-webroot} with the webroot (usually just /fog). So an example url would be: http://{xxx.xxx.xxx.xxx/fog/management/other/ca.cert.der. And if the server is setup correctly, you should download a public certificate file.


Log in to reply
 

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.