View previous topic :: View next topic |
Author |
Message |
bforpc Guest
|
Posted: Wed Nov 18, 2015 6:19 Post subject: ERROR: The certificate of '192.168.0.102' is not trusted. |
|
|
Hi,
my m23 (ip:192.168.0.102) give e this error, if i want to integrate a machine with a self signed certificate, when im run
[/code]
cd /tmp; wget http://192.168.0.102/work.php -O work.php; sh work.php
--2015-11-18 09:15:35-- https://192.168.0.102/postMessage.php?m23clientID=32
Connecting to 192.168.0.102:443... connected.
ERROR: The certificate of '192.168.0.102' is not trusted.
ERROR: The certificate of '192.168.0.102' hasn't got a known issuer.
|
|
Back to top |
|
|
bfotpc Guest
|
Posted: Wed Nov 18, 2015 7:45 Post subject: |
|
|
sorry for the wron "code" settings above. |
|
Back to top |
|
|
Hauke
Joined: 02 Mar 2003 Posts: 1072
|
Posted: Wed Nov 18, 2015 14:01 Post subject: |
|
|
Hi,
after downloading and executing work.php the 1st time, the SSL certificates from the m23 server should be downloaded to the client.
It seems that there was something wrong.
Are there other (error) messages that give a hint? _________________ Hauke Goos-Habermann
- project leader m23 (http://m23.sf.net) -
Jabber: dodgerm23@jabber.org
Schulung, Entwicklung und Support zu m23 und anderen OpenSource-Produkten: www.goos-habermann.de
Auch DU kannst etwas gegen Softwarepatente tun! www.patentfrei.de |
|
Back to top |
|
|
bforpc Guest
|
Posted: Mon Nov 23, 2015 9:38 Post subject: |
|
|
No, ther are no other messages.
How can i cleanly remove this client and "re-add" it for claen certificates?
bfo |
|
Back to top |
|
|
bforpc Guest
|
Posted: Mon Nov 23, 2015 9:46 Post subject: |
|
|
sorry... there is more, in the console.
The running server is a pur debian server.
--2015-11-23 12:43:30-- https://192.168.0.102/packages/baseSys/authorized_keys
Certificates loaded: 173
Verbindungsaufbau zu 192.168.0.102:443... verbunden.
Created socket 4.
Releasing 0x0000000000e75d50 (new refcount 0).
Deleting unused 0x0000000000e75d50.
FEHLER: Dem Zertifikat von »192.168.0.102« wird nicht vertraut.
FEHLER: Das Zertifikat von »»192.168.0.102«« wurde von einem unbekannten Austeller herausgegeben.
chmod: Beim Setzen der Zugriffsrechte für „/root/.ssh/authorized_keys“: Die angeforderte Funktion ist nicht implementiert
chown: der Eigentümer von „/root/.ssh/authorized_keys“ wird geändert: Die angeforderte Funktion ist nicht implementiert
chgrp: die Gruppe von „/root/.ssh/authorized_keys“ wird geändert: Die angeforderte Funktion ist nicht implementiert |
|
Back to top |
|
|
Hauke
Joined: 02 Mar 2003 Posts: 1072
|
Posted: Tue Nov 24, 2015 8:33 Post subject: |
|
|
Are there messages about fetching "ca.crt" ?
ca.crt is the SSL certificate. _________________ Hauke Goos-Habermann
- project leader m23 (http://m23.sf.net) -
Jabber: dodgerm23@jabber.org
Schulung, Entwicklung und Support zu m23 und anderen OpenSource-Produkten: www.goos-habermann.de
Auch DU kannst etwas gegen Softwarepatente tun! www.patentfrei.de |
|
Back to top |
|
|
bforpc Guest
|
Posted: Tue Nov 24, 2015 12:18 Post subject: |
|
|
this are (a part) of the massages in the console , when the work.sh is executed
bfo |
|
Back to top |
|
|
Hauke
Joined: 02 Mar 2003 Posts: 1072
|
Posted: Thu Nov 26, 2015 15:56 Post subject: |
|
|
The messages you posted are about the download of the public SSH keys (authorized_keys).
Important for the SSL problem are (error) messages that occur when the script tries to download "ca.crt". The SSL certificate is fetched from the m23 server at the jobs m23Presetup (to ramdisk) and m23baseSys (to HDD).
Please try to find these messages.
PS It seems that there more investigation is needed to find the real problem. If your company/organisation/institute is from Germany, you could buy commerical m23 support from goos-habermann.de, to get a faster solution. _________________ Hauke Goos-Habermann
- project leader m23 (http://m23.sf.net) -
Jabber: dodgerm23@jabber.org
Schulung, Entwicklung und Support zu m23 und anderen OpenSource-Produkten: www.goos-habermann.de
Auch DU kannst etwas gegen Softwarepatente tun! www.patentfrei.de |
|
Back to top |
|
|
bforpc Guest
|
Posted: Fri Nov 27, 2015 7:57 Post subject: |
|
|
Hi,
i am not a company, i am a private user with some servers to play around with it. And yes, i am from germany.
And if m23 will work, i can try to show this solution to my company also.
But at the moment it shouldn't. It seems like it is not ready for company wide usage. If it have so much problems with so small newtork, how would it be in our intranet, where lot more PC's are on different locations.
Bfo |
|
Back to top |
|
|
Hauke
Joined: 02 Mar 2003 Posts: 1072
|
Posted: Sat Nov 28, 2015 15:18 Post subject: |
|
|
Hi,
there are some bigger installations of m23 in companies and institutions.
But every scenario is different, so m23 may run out-of-the-box or not. In bigger and "special" scenarios, adjustments on different places may be needed to integrate m23 into the whole IT infrastructure.
To help you really (and not only guess), I need deeper knowledge of your complete setup and may need to do some tests on my own. This is a time consuming task and therefore I cannot do on a free basis.
Btw. Did you find the messages dealing with "ca.crt"? _________________ Hauke Goos-Habermann
- project leader m23 (http://m23.sf.net) -
Jabber: dodgerm23@jabber.org
Schulung, Entwicklung und Support zu m23 und anderen OpenSource-Produkten: www.goos-habermann.de
Auch DU kannst etwas gegen Softwarepatente tun! www.patentfrei.de |
|
Back to top |
|
|
|