Ok ! Thank you for the answer 
L
Posts made by loutrage
-
RE: Question about partitionsposted in General
Indeed my image contains one partition (in fact, 3 with the âwindows systemâ partition). The computers âtargetâ have a hard drive of 2TB and the purpose is to separate this hard drive in two, one partition for Windows and one partition for Datas.
Yesterday I deployed the image on 20 computers and after that, I have manually shrink the Windows partition on each computer to create a âD:â partition. It was a long job and perhaps there is a solution to automate this step
-
RE: Question about partitionsposted in General
The version of the kernel is
version 4.19.145Indeed, on my image there is only one partition. Iâm working with virtual environment and the image that I capture comes from a virtual machine with a virtual hard drive of 200GB
-
RE: Question about partitionsposted in General
First, thank you for the answer.
Here is the asked information :
- Version 1.5.9
- There are 2 different Kernell : 5.15.19 & 5.10.71
- d1.partitions
/dev/sda1 : start= 2048, size= 204800, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, uuid=D57F2E27-A01D-4621-A62D-84C9FC80B3D4, name="EFI system partition", attrs="GUID:63" /dev/sda2 : start= 206848, size= 32768, type=E3C9E316-0B5C-4DB8-817D-F92DF00215AE, uuid=C9EDEEE3-CCA6-4108-B0CF-B76FBD7F80D5, name="Microsoft reserved partition", attrs="GUID:63" /dev/sda3 : start= 239616, size= 103579136, type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7, uuid=1836C411-18F3-45C4-9179-17AD54B3AC73, name="Basic data partition" /dev/sda4 : start= 103818752, size= 1038336, type=DE94BBA4-06D1-4D40-A16A-BFD50179D6AC, uuid=028C2351-938F-4BA8-9C3D-402B7CE9C09D, attrs="RequiredPartition GUID:63"d1.fixed_size_partitions
1:2:4cat d1.original.fstypes
/dev/sda3 ntfs -
Question about partitionsposted in General
Hello !
I made some searchs on the forum but I didnât find an answer.
Since several years, Iâm using fog and everything works great. Now, I would like upgrade the machines that I deploy. There will be a bigger hard drive of 2TB and I would like partitionate this hard drive.
So with Gparted I created 2 partitions, one of 150GB for Windows (the âC:â) and a second partition of 1.850GB for the Datas (the âD:â).
When I deployed my image, the 2 partitions have been deleted and merged in one partition of 2TB.
Is it possible to deploy with Fog only the âwindowsâ partition and let empty the second partition for the datas ?
If yes, how can I do this ?
Thank you !
-
RE: Problem to join a domain (SSL problem ?)posted in FOG Problems
Ohh thank you ! It works now !
I didnât know if I had to log on and then reboot manually to join the domain.
I noticed that I have to wait 3-4 minutes after the first boot for the automatically reboot and then the PC is in the domain !
Thanks a lot for the help, the problem is now solved !
-
RE: Problem to join a domain (SSL problem ?)posted in FOG Problems
Hello, sorry for the long time to answer : hollidays and a lot of work, I didnât have time to answer before.
Thank you for the explanation about the certificates, itâs clear now.
Iâm always trying to connect to my domain when a machine is deploy but I have always the same problem.
So I checked for the file âfog.logâ but it wasnât there, the fog client isnât install on the machine.
Is it normal or do I have to install on my âmotherâ image before to deploy ?To be sure and to begin with a new solid base, I began to zero with a new update machine (Debian 10), so itâs a totally fresh install with the last version of Debian and Fog, without SSL activate.
I deploy my image and I had the same problem, no Fog Client so I install it manually with the âSmart Installerâ, not the Network Installer. I reboot the machine and here is the content of the fog.txt
16/12/2019 10:48 Main Overriding exception handling 16/12/2019 10:48 Main Bootstrapping Zazzles 16/12/2019 10:48 Controller Initialize 16/12/2019 10:48 Controller Start 16/12/2019 10:48 Service Starting service 16/12/2019 10:48 Bus Became bus server 16/12/2019 10:48 Bus Emmiting message on channel: Status 16/12/2019 10:48 Service Invoking early JIT compilation on needed binaries ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 16/12/2019 10:48 Client-Info Version: 0.11.16 16/12/2019 10:48 Client-Info OS: Windows 16/12/2019 10:48 Middleware::Authentication Waiting for authentication timeout to pass 16/12/2019 10:48 Middleware::Communication Download: http://10.0.150.15/fog/management/other/ssl/srvpublic.crt 16/12/2019 10:48 Data::RSA FOG Server CA cert found 16/12/2019 10:48 Middleware::Authentication Cert OK 16/12/2019 10:48 Middleware::Authentication No token found at C:\Program Files (x86)\FOG\token.dat, this is expected if the client has not authenticated before 16/12/2019 10:48 Middleware::Authentication ERROR: Could not get security token 16/12/2019 10:48 Middleware::Authentication ERROR: Could not find file 'C:\Program Files (x86)\FOG\token.dat'. 16/12/2019 10:48 Middleware::Communication POST URL: http://10.0.150.15/fog/management/index.php?sub=requestClientInfo&authorize&newService 16/12/2019 10:48 Middleware::Response Success 16/12/2019 10:48 Middleware::Authentication Authenticated 16/12/2019 10:48 Middleware::Communication URL: http://10.0.150.15/fog/management/index.php?sub=requestClientInfo&configure&newService&json 16/12/2019 10:48 Middleware::Response Success 16/12/2019 10:48 Middleware::Communication URL: http://10.0.150.15/fog/management/index.php?sub=requestClientInfo&mac=00:50:56:87:8F:1A|0A:00:27:00:00:05&newService&json 16/12/2019 10:48 Middleware::Response Success 16/12/2019 10:48 Middleware::Communication URL: http://10.0.150.15/fog/service/getversion.php?clientver&newService&json 16/12/2019 10:48 Middleware::Communication URL: http://10.0.150.15/fog/service/getversion.php?newService&json 16/12/2019 10:48 Service Creating user agent cache 16/12/2019 10:48 Middleware::Response Invalid time 16/12/2019 10:48 Middleware::Response No Printers 16/12/2019 10:48 Middleware::Response Module is disabled globally on the FOG server 16/12/2019 10:48 Service Initializing modules ------------------------------------------------------------------------------ ---------------------------------ClientUpdater-------------------------------- ------------------------------------------------------------------------------ 16/12/2019 10:48 Client-Info Client Version: 0.11.16 16/12/2019 10:48 Client-Info Client OS: Windows 16/12/2019 10:48 Client-Info Server Version: 1.5.7 16/12/2019 10:48 Middleware::Response Success ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ ----------------------------------TaskReboot---------------------------------- ------------------------------------------------------------------------------ 16/12/2019 10:48 Client-Info Client Version: 0.11.16 16/12/2019 10:48 Client-Info Client OS: Windows 16/12/2019 10:48 Client-Info Server Version: 1.5.7 16/12/2019 10:48 Middleware::Response Success ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ --------------------------------HostnameChanger------------------------------- ------------------------------------------------------------------------------ 16/12/2019 10:48 Client-Info Client Version: 0.11.16 16/12/2019 10:48 Client-Info Client OS: Windows 16/12/2019 10:48 Client-Info Server Version: 1.5.7 16/12/2019 10:48 Middleware::Response Success 16/12/2019 10:48 HostnameChanger Users still logged in and enforce is disabled, delaying any further actions ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ ---------------------------------SnapinClient--------------------------------- ------------------------------------------------------------------------------ 16/12/2019 10:48 Client-Info Client Version: 0.11.16 16/12/2019 10:48 Client-Info Client OS: Windows 16/12/2019 10:48 Client-Info Server Version: 1.5.7 16/12/2019 10:48 Middleware::Response No snapins ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ --------------------------------PrinterManager-------------------------------- ------------------------------------------------------------------------------ 16/12/2019 10:48 Client-Info Client Version: 0.11.16 16/12/2019 10:48 Client-Info Client OS: Windows 16/12/2019 10:48 Client-Info Server Version: 1.5.7 16/12/2019 10:48 Middleware::Response No Printers ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ --------------------------------PowerManagement------------------------------- ------------------------------------------------------------------------------ 16/12/2019 10:48 Client-Info Client Version: 0.11.16 16/12/2019 10:48 Client-Info Client OS: Windows 16/12/2019 10:48 Client-Info Server Version: 1.5.7 16/12/2019 10:48 Middleware::Response Success 16/12/2019 10:48 PowerManagement Calculating tasks to unschedule 16/12/2019 10:48 PowerManagement Calculating tasks to schedule ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ ----------------------------------UserTracker--------------------------------- ------------------------------------------------------------------------------ 16/12/2019 10:48 Client-Info Client Version: 0.11.16 16/12/2019 10:48 Client-Info Client OS: Windows 16/12/2019 10:48 Client-Info Server Version: 1.5.7 16/12/2019 10:48 Middleware::Response Success 16/12/2019 10:48 Middleware::Communication URL: http://10.0.150.15/fog/service/usertracking.report.php?action=login&user=Corners-Test\Exploitation&mac=00:50:56:87:8F:1A|0A:00:27:00:00:05&newService&json ------------------------------------------------------------------------------ 16/12/2019 10:48 Service Sleeping for 94 seconds 16/12/2019 10:50 Middleware::Communication URL: http://10.0.150.15/fog/management/index.php?sub=requestClientInfo&configure&newService&json 16/12/2019 10:50 Middleware::Response Success 16/12/2019 10:50 Middleware::Communication URL: http://10.0.150.15/fog/management/index.php?sub=requestClientInfo&mac=00:50:56:87:8F:1A|0A:00:27:00:00:05&newService&json 16/12/2019 10:50 Middleware::Response Success 16/12/2019 10:50 Middleware::Communication URL: http://10.0.150.15/fog/service/getversion.php?clientver&newService&json 16/12/2019 10:50 Middleware::Communication URL: http://10.0.150.15/fog/service/getversion.php?newService&json 16/12/2019 10:50 Service Creating user agent cache 16/12/2019 10:50 Middleware::Response Invalid time 16/12/2019 10:50 Middleware::Response No Printers 16/12/2019 10:50 Middleware::Response Module is disabled globally on the FOG server ------------------------------------------------------------------------------ ---------------------------------ClientUpdater-------------------------------- ------------------------------------------------------------------------------ 16/12/2019 10:50 Client-Info Client Version: 0.11.16 16/12/2019 10:50 Client-Info Client OS: Windows 16/12/2019 10:50 Client-Info Server Version: 1.5.7 16/12/2019 10:50 Middleware::Response Success ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ ----------------------------------TaskReboot---------------------------------- ------------------------------------------------------------------------------ 16/12/2019 10:50 Client-Info Client Version: 0.11.16 16/12/2019 10:50 Client-Info Client OS: Windows 16/12/2019 10:50 Client-Info Server Version: 1.5.7 16/12/2019 10:50 Middleware::Response Success ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ --------------------------------HostnameChanger------------------------------- ------------------------------------------------------------------------------ 16/12/2019 10:50 Client-Info Client Version: 0.11.16 16/12/2019 10:50 Client-Info Client OS: Windows 16/12/2019 10:50 Client-Info Server Version: 1.5.7 16/12/2019 10:50 Middleware::Response Success 16/12/2019 10:50 HostnameChanger Users still logged in and enforce is disabled, delaying any further actions ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ ---------------------------------SnapinClient--------------------------------- ------------------------------------------------------------------------------ 16/12/2019 10:50 Client-Info Client Version: 0.11.16 16/12/2019 10:50 Client-Info Client OS: Windows 16/12/2019 10:50 Client-Info Server Version: 1.5.7 16/12/2019 10:50 Middleware::Response No snapins ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ --------------------------------PrinterManager-------------------------------- ------------------------------------------------------------------------------ 16/12/2019 10:50 Client-Info Client Version: 0.11.16 16/12/2019 10:50 Client-Info Client OS: Windows 16/12/2019 10:50 Client-Info Server Version: 1.5.7 16/12/2019 10:50 Middleware::Response No Printers ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ --------------------------------PowerManagement------------------------------- ------------------------------------------------------------------------------ 16/12/2019 10:50 Client-Info Client Version: 0.11.16 16/12/2019 10:50 Client-Info Client OS: Windows 16/12/2019 10:50 Client-Info Server Version: 1.5.7 16/12/2019 10:50 Middleware::Response Success 16/12/2019 10:50 PowerManagement Calculating tasks to unschedule 16/12/2019 10:50 PowerManagement Calculating tasks to schedule ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ ----------------------------------UserTracker--------------------------------- ------------------------------------------------------------------------------ 16/12/2019 10:50 Client-Info Client Version: 0.11.16 16/12/2019 10:50 Client-Info Client OS: Windows 16/12/2019 10:50 Client-Info Server Version: 1.5.7 16/12/2019 10:50 Middleware::Response Success ------------------------------------------------------------------------------``` -
RE: Problem to join a domain (SSL problem ?)posted in FOG Problems
Finally, I made a new fresh installâŠ
I follow your post here : https://forums.fogproject.org/topic/13956/2019-a-step-by-step-activating-ssl-and-complying-ipxe-with-it
So FOS works in SSL now with the certificate generate by the machine.
I have a certificate error with my browsers and itâs not 100% secure but It seems to be too complicated to work with our own self signate certificate.
In fact, my original (and biggest) problem donât seem come from there.
I install the fog without SSL to try and it still doesnât work, I canât join my domain. I changed the password of the account of my Domain Controller to remove all the special characters, I deploy the machine several times, it doesnât work
And if I join my domain manually, itâs workâŠ
Here is the error with the debugger (Problem with the path)
-
RE: Problem to join a domain (SSL problem ?)posted in FOG Problems
Ok, thank a lot !
The problem to join the domain can come from there ?
I notice that the machine are wel named with the FOS so I think the fog-client must be able to communicate ?
-
RE: Problem to join a domain (SSL problem ?)posted in FOG Problems
@Sebastian-Roth, thank you for the answer !
- Yes I used the
--force-httpsoption. Here is the steps I used to configure the server
* ./installfog.sh -S * Copy the private key and the PEM file from our CA machine to the repertory /opt/fog/snapins/ssl/ * Replace the CA by default in the directories /etc/apache2/ssl/CA/ and /opt/fog/snapins/ssl/CA/ by our own CA * Edit with vim the config of the webserver with the command vim /etc/apache2/sites-available/001-fog.conf then restart apache2 * Edit the lines with the SSL links by this SSLCertificateFile /opt/fog/snapins/ssl/fog.pem SSLCertificateKeyFile /opt/fog/snapins/ssl/fog.key #SSLCertificateChainFile /var/www/html/fog//management/other/ca.cert.der * Execute the script buildipxe.sh from the directory ./opt/fog/utils/FOGiPXE/buildipxe.sh to create new binaries for the ipxe with the certificate in it. * Copy all the files from /opt/fog/packages/tftp to /tftpboot.- Yes I have a custom certificate
Here is the content of my VHost :
<VirtualHost *:80> <FilesMatch "\.php$"> SetHandler "proxy:fcgi://127.0.0.1:9000/" </FilesMatch> ServerName 10.0.150.15 ServerAlias corners-fog RewriteEngine On RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] RewriteRule /management/other/ca.cert.der$ - [L] RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}/$1 [R,L] </VirtualHost> <VirtualHost *:443> KeepAlive Off <FilesMatch "\.php$"> SetHandler "proxy:fcgi://127.0.0.1:9000/" </FilesMatch> ServerName 10.0.150.15 ServerAlias corners-fog DocumentRoot /var/www/html/ SSLEngine On SSLProtocol all -SSLv3 -SSLv2 SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA SSLHonorCipherOrder On SSLCertificateFile /opt/fog/snapins/ssl/fog.pem SSLCertificateKeyFile /opt/fog/snapins/ssl/fog.key #SSLCertificateChainFile /var/www/html/fog//management/other/ca.cert.der <Directory /var/www/html/fog/> DirectoryIndex index.php index.html index.htm </Directory> RewriteEngine On RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-d RewriteRule ^/fog/(.*)$ /fog/api/index.php [QSA,L] </VirtualHost> - Yes I used the
-
RE: Problem with the resize (expanding) on a hard driveposted in FOG Problems
Thank you, you found the solution !
Here is the result of the tmpoutput.txt file
Indeed, the problem came from a problem with the filesystem of my âmotherâ image. After several chkdsk (I had reboot only once the first time), the expand works well.
Thank you guys ! The problem is so solve now.
-
Problem to join a domain (SSL problem ?)posted in FOG Problems
Dear all,
Before to ask, I made a lot of search (I spent all the day yesterday by searching and reading) but I donât understand.
Here is the config :
Server
FOG 1.5.7
OS: Debian 8Client
FOG Client 0.11.16
OS: Windows 10 1803So, I configured my host like this :
I verified the password, itâs correct but when I deploy my image (without error), the computer donât join the domain. When I join it âmanuallyâ in the machine (via system) itâs working.
I launched the debugger on the machine, and I have this error :
The âfog.logâ on the machine says that :
On the machine, I add our own CA in âTrusted Root Certification Authoritiesâ, and itâs working as you can see
I checked also the log of apache2 and I see always the same error (one error by minute) :
[Tue Nov 26 10:43:16.407986 2019] [proxy_fcgi:error] [pid 13213] [client 10.0.200.201:54419] AH01071: Got error 'PHP message: PHP Fatal error: Uncaught exception 'Exception' with message '#!im' in /var/www/html/fog/lib/fog/fogbase.class.php:584\nStack trace:\n#0 /var/www/html/fog/lib/client/registerclient.class.php(47): FOGBase::getHostItem(true, false, false, true)\n#1 /var/www/html/fog/lib/fog/fogpage.class.php(3013): RegisterClient->json()\n#2 /var/www/html/fog/lib/fog/fogpage.class.php(249): FOGPage->requestClientInfo()\n#3 /var/www/html/fog/lib/pages/dashboardpage.class.php(76): FOGPage->__construct('Dashboard')\n#4 /var/www/html/fog/lib/fog/loadglobals.class.php(67): DashboardPage->__construct()\n#5 /var/www/html/fog/lib/fog/loadglobals.class.php(81): LoadGlobals::_init()\n#6 /var/www/html/fog/commons/base.inc.php(49): LoadGlobals->__construct()\n#7 /var/www/html/fog/management/index.php(22): require('/var/www/html/f...')\n#8 {main}\n thrown in /var/www/html/fog/lib/fog/fogbase.class.php on line 584\n'and also this :
[Tue Nov 26 06:25:05.307698 2019] [ssl:warn] [pid 27789] AH01909: 10.0.150.15:443:0 server certificate does NOT include an ID which matches the server name [Tue Nov 26 06:25:05.308126 2019] [mpm_prefork:notice] [pid 27789] AH00163: Apache/2.4.10 (Debian) OpenSSL/1.0.1t configured -- resuming normal operations [Tue Nov 26 06:25:05.308143 2019] [core:notice] [pid 27789] AH00094: Command line: '/usr/sbin/apache2'You think the problem with the domain can come from the SSL problem ?
I didnât specify my CA when I generated the binaries./opt/fog/utils/FOGiPXE/buildipxe.shduring the install, it can come from there ?Thank you for the help !
-
RE: Problem with the resize (expanding) on a hard driveposted in FOG Problems
@Sebastian-Roth
Here is 2 screens about SDA2. Everything seems good I think.
-
RE: Problem with the resize (expanding) on a hard driveposted in FOG Problems
I replaced the files init.xz & init_32.xz with the last version then I made a new capture but I had always the same problem.
Then I tried the âdirty fixâ by editing the file d1.fixed_size_partitions but I receive this error :
Maybe because the file d1.fixed_size_partitions changed with my new image ?
The content of the file is now :
1:2I also tried to see a message like this Not resizing filesystem /dev/sda2 (part too small) but it was too fast.
I just saw this
-
RE: Problem with the resize (expanding) on a hard driveposted in FOG Problems
Here is the information :
Visibly, there is just the boot flag.
@george1421 I let the âsingle disk resizableâ option by default. I only changed 2 days ago to make a test.
-
RE: Problem with the resize (expanding) on a hard driveposted in FOG Problems
Thank you for the answer ! Here is the content of the 3 files :
root@fog:/images/2019-09-23# cat d1.partitions label: dos label-id: 0x7d78d5ad device: /dev/sda unit: sectors /dev/sda1 : start= 2048, size= 1124352, type=7, bootable /dev/sda2 : start= 1126400, size= 82757632, type=7 root@fog:/images/2019-09-23# lsroot@fog:/images/2019-09-23# cat d1.minimum.partitions label: dos label-id: 0x7d78d5ad device: /dev/sda unit: sectors /dev/sda1 : start= 2048, size= 1124352, type=7, bootable /dev/sda2 : start= 1126400, size= 82757632, type=7root@fog:/images/2019-09-23# cat d1.fixed_size_partitions :1:1:2 -
Problem with the resize (expanding) on a hard driveposted in FOG Problems
Hi all !
I come here because of a problem of resize of the hard drive. Fog donât expand the hard drive and I donât know why
For example here, my image made 40GB and the hard drive made 60GB (on a VM) and I have the same problem with physical machines with SSD of 256GB.
I read the documentation (https://wiki.fogproject.org/wiki/index.php?title=Managing_FOG#Images) and I choose the type : âSingle Disk - Resizableâ like you can see here :
I use Fog 1.5.7 and the image is a Windows 10. In which log or file can I have more information on this problem ?
I found eventually this solution : http://www.troliver.com/?p=102 but itâs not a clear solutionâŠ
Thank you for your answers !
-
RE: IPXE Boot Problem - No such file or directory after installation of SSLposted in FOG Problems
First, sorry for the delay of the answer, it was a busy day and I hadnât access to the network this weekend.
We continued to search for the problem and finally, we found there was a problem with the copy of a file from /path/to/fogproject_git_repo/packages/tftp to /tftpboot. The file âdefault.ipxeâ was missing. We saw that with a capture of the trafic and the analyze of the pcap.
So finally, everything works !
To be sure to well understand, we made a new install from scratch and itâs work perfectly (Fog server & the SSL) !
In resume, here is the steps I made :
- Install of fog with the â-Sâ option to activate SSL
- Copy of the certificate and the private key on the machine
- Edit the Vhost file with the path of the private key and the certificate (with a restart of Apache2)
- Modify the CA by default in the directories /etc/apache2/ssl/CA/ and /opt/fog/snapins/ssl/CA/ with our own CA
- Execute the script buildipxe.sh from the directory /path/to/fogproject_git_repo/utils/FOGiPXE/
- And finally, copy the new binaries from /path/to/fogproject_git_repo/packages/tftp to /tftpboot (The step I missed )
Now the server is secured and, incidentally, itâs working !
Thank you for the support !
-
RE: IPXE Boot Problem - No such file or directory after installation of SSLposted in FOG Problems
Thank you for the answer.
We tried a lot of things and we have always the same problem.
We launched for example the command
buildipxe.sh /home/user/CA.PEMto incorporate our own CA. There is no error to build the binaries but we have always the same error.We also replaced the file
/opt/fog/snapins/ssl/CA/.fogCA.pemby our own CA before to launch the command buildipxe.We havenât problem with the webadmin, just with the ipxe.
Is there a way to see if our CA is correctly import in the binaries
-
IPXE Boot Problem - No such file or directory after installation of SSLposted in FOG Problems
Hello !
I have a fog server 1.5.7 who turn on a Debian 8.11 (Jessie).
I configured the SSL on the server and since, I have the error : âhttps://10.0.150.15/fog/service/ipxe/boot.php⊠No such file or directoryâ when one of the machine starts.
Here is the error :
I have my own CA deployed on my network. I generate a private key/certificate signed by this custom CA and I replaced the CA in the directories /opt/fog/snapins/ssl/ and I created a directory in /etc/apache2/ssl with the files. Here is the content of the folder
root@fog:/etc/apache2/ssl# ls -la total 40 drwxr-xr-x 3 root root 4096 Sep 26 14:02 . drwxr-xr-x 9 root root 4096 Sep 20 17:00 .. drwxr-xr-x 2 root root 4096 Sep 26 13:42 CA -rw-r--r-- 1 root root 80 Sep 23 11:01 ca.cnf -rw------- 1 root root 3243 Sep 26 14:02 fog.key -rw------- 1 root root 3244 Sep 26 13:42 fog.key.bkp -rw------- 1 root root 7510 Sep 26 14:02 fog.pem -rw------- 1 root root 7510 Sep 26 13:43 fog.pem.bkp lrwxrwxrwx 1 root root 37 Sep 23 11:01 .srvprivate.key -> /opt/fog/snapins/ssl//.srvprivate.keyand
root@fog:/etc/apache2/ssl/CA# ls -la total 20 drwxr-xr-x 2 root root 4096 Sep 26 13:42 . drwxr-xr-x 3 root root 4096 Sep 26 14:02 .. -rw-r--r-- 1 root root 3247 Sep 23 11:01 .fogCA.key.bkp -rw-r--r-- 1 root root 2086 Sep 26 13:42 .fogCA.pem -rw-r--r-- 1 root root 1797 Sep 23 11:01 .fogCA.pem.bkpAt the webmin level, everything is okay, the https works correctly (âGreen lockâ in the browser).
I saw this post https://forums.fogproject.org/topic/12908/ipxe-could-not-boot-no-such-file-or-directory and I tried the solution of @Sebastian-Roth but nothing change.
I checked the log of âerrorâ from Apache and there is no error in it.
For information, here is the content of my virtualhost
<VirtualHost *:80> <FilesMatch "\.php$"> SetHandler "proxy:fcgi://127.0.0.1:9000/" </FilesMatch> ServerName 10.0.150.15 ServerAlias fog RewriteEngine On RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] RewriteRule /management/other/ca.cert.der$ - [L] RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}/$1 [R,L] </VirtualHost> <VirtualHost *:443> KeepAlive Off <FilesMatch "\.php$"> SetHandler "proxy:fcgi://127.0.0.1:9000/" </FilesMatch> ServerName 10.0.150.15 ServerAlias fog DocumentRoot /var/www/html/ SSLEngine On SSLProtocol all -SSLv3 -SSLv2 SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA SSLHonorCipherOrder On SSLCertificateFile /etc/apache2/ssl/fog.pem SSLCertificateKeyFile /etc/apache2/ssl/fog.key #SSLCertificateChainFile /var/www/html/fog//management/other/ca.cert.der <Directory /var/www/html/fog/> DirectoryIndex index.php index.html index.htm </Directory> RewriteEngine On RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-d RewriteRule ^/fog/(.*)$ /fog/api/index.php [QSA,L] </VirtualHost>Thank you for your answer !