Welcome to OCS Inventory NG community support, where you can ask questions and receive answers from other members of the community.

Please ask questions only in English or French.

Release 2.11.1 available

The official documentation can be found on http://wiki.ocsinventory-ng.org. Read it before asking your question.

(certificate verify failed) in Client-Log [closed]

Hi,

after having tested OCS Inventory with an installed Server (without ssl) on a Laptop in our network, we now want to let the server run on our hardware-server. Therefore we activated SSL on the server.

Now, starting the first Agent with

sudo ocsinventory-agent --server https://inventory.ourdomain.de/ocsinventory --debug

I get the following output:

[Thu Aug 11 12:46:02 2016][debug] Ocsinventory unified agent for UNIX, Linux and MacOSX 2.1.1
[Thu Aug 11 12:46:02 2016][debug] Log system initialised (File)
[Thu Aug 11 12:46:02 2016][debug] --scan-homedirs missing. Don't scan user directories
[Thu Aug 11 12:46:03 2016][debug] Accountinfo file: /var/lib/ocsinventory-agent/https:__inventory.ourdomain.de_ocsinventory/ocsinv.adm
[Thu Aug 11 12:46:03 2016][debug] OCS Agent initialised
[Thu Aug 11 12:46:03 2016][debug] Turns hooks on for /etc/ocsinventory-agent/modules.conf
[Thu Aug 11 12:46:03 2016][debug] Ocsinventory unified agent for UNIX, Linux and MacOSX 2.1.1
[Thu Aug 11 12:46:03 2016][debug] Log system initialised (File)
[Thu Aug 11 12:46:03 2016][debug] Calling handlers : `start_handler'
[Thu Aug 11 12:46:03 2016][debug] [download] Calling download_start_handler
[Thu Aug 11 12:46:03 2016][debug]  - LWP loaded
[Thu Aug 11 12:46:03 2016][debug]  - LWP::Protocol::https loaded
[Thu Aug 11 12:46:03 2016][debug] Compress::Zlib is available.
[Thu Aug 11 12:46:03 2016][debug] Calling handlers : `prolog_writer'
[Thu Aug 11 12:46:03 2016][debug] sending XML
[Thu Aug 11 12:46:03 2016][debug] sending: <?xml version="1.0" encoding="UTF-8"?>
<REQUEST>
  <DEVICEID>kumja-sony-blau-2016-08-10-11-35-06</DEVICEID>
  <QUERY>PROLOG</QUERY>
</REQUEST>

[Thu Aug 11 12:46:03 2016][error] Cannot establish communication : 500 Can't connect to inventory.ourdomain.de:443 (certificate verify failed)

I have put the fullchain.pem from the server as cacert.pem in the Agents /var/lib/ocsinventory-agent/https:__inventory.ourdomain.de_ocsinventory - directory. I thought, that I have to do this for the client for being able to verify the certificate. Because before I did this, the same error came, just without the notice (certificate verify failed).

Any help is much appreciated. Maybe a hint, what I have to do on the agents device for being able to do ssl with the Ocs-Server.

Everything (Server and Client) runs on a Linux Debian OS (Linux Mint).

If you have any further questions, please ask me for further informations.

Regards,

Dennie

closed with the note: Problem solved
in OCS Inventory NG agent for Unix by (120 points)
closed by

2 Answers

0 votes
Hello,

Your certificate is valid with common name of server ?
by (6.9k points)
0 votes
After many attempts v3 certificate with fqdn helped me to resolve this issue
by (140 points)
 
Powered by Question2Answer
...