READ ONLY FORUM: m23 :: makes software distribution easy Forum Index READ ONLY FORUM: m23 :: makes software distribution easy
The m23 discussion forum
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

ERROR: The certificate of '192.168.0.102' is not trusted.

 
Post new topic   Reply to topic    READ ONLY FORUM: m23 :: makes software distribution easy Forum Index -> Problems with the server / Serverprobleme
View previous topic :: View next topic  
Author Message
bforpc
Guest





PostPosted: Wed Nov 18, 2015 6:19    Post subject: ERROR: The certificate of '192.168.0.102' is not trusted. Reply with quote

Hi,

my m23 (ip:192.168.0.102) give e this error, if i want to integrate a machine with a self signed certificate, when im run

[/code]
cd /tmp; wget http://192.168.0.102/work.php -O work.php; sh work.php
Code:


on the client.


--2015-11-18 09:15:35-- https://192.168.0.102/postMessage.php?m23clientID=32
Connecting to 192.168.0.102:443... connected.
ERROR: The certificate of '192.168.0.102' is not trusted.
ERROR: The certificate of '192.168.0.102' hasn't got a known issuer.
Code:


Bfo
Back to top
bfotpc
Guest





PostPosted: Wed Nov 18, 2015 7:45    Post subject: Reply with quote

sorry for the wron "code" settings above.
Back to top
Hauke



Joined: 02 Mar 2003
Posts: 1072

PostPosted: Wed Nov 18, 2015 14:01    Post subject: Reply with quote

Hi,

after downloading and executing work.php the 1st time, the SSL certificates from the m23 server should be downloaded to the client.

It seems that there was something wrong.

Are there other (error) messages that give a hint?
_________________
Hauke Goos-Habermann
- project leader m23 (http://m23.sf.net) -
Jabber: dodgerm23@jabber.org

Schulung, Entwicklung und Support zu m23 und anderen OpenSource-Produkten: www.goos-habermann.de

Auch DU kannst etwas gegen Softwarepatente tun! www.patentfrei.de
Back to top
View user's profile Send private message Send e-mail Visit poster's website
bforpc
Guest





PostPosted: Mon Nov 23, 2015 9:38    Post subject: Reply with quote

No, ther are no other messages.
How can i cleanly remove this client and "re-add" it for claen certificates?

bfo
Back to top
bforpc
Guest





PostPosted: Mon Nov 23, 2015 9:46    Post subject: Reply with quote

sorry... there is more, in the console.
The running server is a pur debian server.


--2015-11-23 12:43:30-- https://192.168.0.102/packages/baseSys/authorized_keys
Certificates loaded: 173
Verbindungsaufbau zu 192.168.0.102:443... verbunden.
Created socket 4.
Releasing 0x0000000000e75d50 (new refcount 0).
Deleting unused 0x0000000000e75d50.
FEHLER: Dem Zertifikat von »192.168.0.102« wird nicht vertraut.
FEHLER: Das Zertifikat von »»192.168.0.102«« wurde von einem unbekannten Austeller herausgegeben.
chmod: Beim Setzen der Zugriffsrechte für „/root/.ssh/authorized_keys“: Die angeforderte Funktion ist nicht implementiert
chown: der Eigentümer von „/root/.ssh/authorized_keys“ wird geändert: Die angeforderte Funktion ist nicht implementiert
chgrp: die Gruppe von „/root/.ssh/authorized_keys“ wird geändert: Die angeforderte Funktion ist nicht implementiert
Back to top
Hauke



Joined: 02 Mar 2003
Posts: 1072

PostPosted: Tue Nov 24, 2015 8:33    Post subject: Reply with quote

Are there messages about fetching "ca.crt" ?

ca.crt is the SSL certificate.
_________________
Hauke Goos-Habermann
- project leader m23 (http://m23.sf.net) -
Jabber: dodgerm23@jabber.org

Schulung, Entwicklung und Support zu m23 und anderen OpenSource-Produkten: www.goos-habermann.de

Auch DU kannst etwas gegen Softwarepatente tun! www.patentfrei.de
Back to top
View user's profile Send private message Send e-mail Visit poster's website
bforpc
Guest





PostPosted: Tue Nov 24, 2015 12:18    Post subject: Reply with quote

this are (a part) of the massages in the console , when the work.sh is executed

bfo
Back to top
Hauke



Joined: 02 Mar 2003
Posts: 1072

PostPosted: Thu Nov 26, 2015 15:56    Post subject: Reply with quote

The messages you posted are about the download of the public SSH keys (authorized_keys).

Important for the SSL problem are (error) messages that occur when the script tries to download "ca.crt". The SSL certificate is fetched from the m23 server at the jobs m23Presetup (to ramdisk) and m23baseSys (to HDD).

Please try to find these messages.

PS It seems that there more investigation is needed to find the real problem. If your company/organisation/institute is from Germany, you could buy commerical m23 support from goos-habermann.de, to get a faster solution.
_________________
Hauke Goos-Habermann
- project leader m23 (http://m23.sf.net) -
Jabber: dodgerm23@jabber.org

Schulung, Entwicklung und Support zu m23 und anderen OpenSource-Produkten: www.goos-habermann.de

Auch DU kannst etwas gegen Softwarepatente tun! www.patentfrei.de
Back to top
View user's profile Send private message Send e-mail Visit poster's website
bforpc
Guest





PostPosted: Fri Nov 27, 2015 7:57    Post subject: Reply with quote

Hi,

i am not a company, i am a private user with some servers to play around with it. And yes, i am from germany.
And if m23 will work, i can try to show this solution to my company also.

But at the moment it shouldn't. It seems like it is not ready for company wide usage. If it have so much problems with so small newtork, how would it be in our intranet, where lot more PC's are on different locations.

Bfo
Back to top
Hauke



Joined: 02 Mar 2003
Posts: 1072

PostPosted: Sat Nov 28, 2015 15:18    Post subject: Reply with quote

Hi,

there are some bigger installations of m23 in companies and institutions.

But every scenario is different, so m23 may run out-of-the-box or not. In bigger and "special" scenarios, adjustments on different places may be needed to integrate m23 into the whole IT infrastructure.

To help you really (and not only guess), I need deeper knowledge of your complete setup and may need to do some tests on my own. This is a time consuming task and therefore I cannot do on a free basis.

Btw. Did you find the messages dealing with "ca.crt"?
_________________
Hauke Goos-Habermann
- project leader m23 (http://m23.sf.net) -
Jabber: dodgerm23@jabber.org

Schulung, Entwicklung und Support zu m23 und anderen OpenSource-Produkten: www.goos-habermann.de

Auch DU kannst etwas gegen Softwarepatente tun! www.patentfrei.de
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    READ ONLY FORUM: m23 :: makes software distribution easy Forum Index -> Problems with the server / Serverprobleme All times are GMT - 2 Hours
Page 1 of 1

 
Jump to:  
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group