Welcome to OCS Inventory NG community support, where you can ask questions and receive answers from other members of the community.

Please ask questions only in English or French.

Release 2.11.1 available

The official documentation can be found on http://wiki.ocsinventory-ng.org. Read it before asking your question.

Categories

no connection over https

Good afternoon! Sorry for my English

  • PHP Version : 7.3.27
  • Web Server : Apache/2.4.38 (Debian)
  • Database Server : Debian 10 version 10.3.27-MariaDB-0+deb10u1
  • Version OCSReports: 2.8

A self-signed certificate is configured:

https://weblst.ru/article/nastroyka-https-na-apache-ubuntu/

Pulled the certificate from the server with the command:

openssl s_client -showcerts -connect seal:443 </dev/null 2>/dev/null | openssl x509 -outform PEM >/etc/ocsinventory-agent/cacert.pem

ocsinventory-agent:

server=https://seal/ocsinventory

ssl=1

basevardir=/var/lib/ocsinventory-agent

logfile=/var/log/ocs_agent.log

ca=/etc/ocsinventory-agent/cacert.pem

debug=

snmpretry=2

snmp=1

snmptimeout=3

tag=Server

I get an error on the log:

[Mon Mar 22 13:45:29 2021][error] Cannot establish communication : 500 Can't connect to seal:443 (hostname verification failed)

[Mon Mar 22 13:46:50 2021][error] Cannot establish communication : 500 Can't connect to 192.168.4.70:443 (hostname verification failed)

[Mon Mar 22 13:49:35 2021][debug] Ocsinventory unified agent for UNIX, Linux and MacOSX 2.8.1

[Mon Mar 22 13:49:35 2021][debug] Log system initialised (File)

[Mon Mar 22 13:49:35 2021][debug] --scan-homedirs missing. Don't scan user directories

[Mon Mar 22 13:49:35 2021][debug] Accountinfo file: /var/lib/ocsinventory-agent/https:__192.168.4.70_ocsinventory/ocsinv.adm

[Mon Mar 22 13:49:35 2021][debug] OCS Agent initialised

[Mon Mar 22 13:49:35 2021][debug] Turns hooks on for /etc/ocsinventory-agent/modules.conf

[Mon Mar 22 13:49:35 2021][debug] Ocsinventory unified agent for UNIX, Linux and MacOSX 2.8.1

[Mon Mar 22 13:49:35 2021][debug] Log system initialised (File)

[Mon Mar 22 13:49:35 2021][debug] Ocsinventory unified agent for UNIX, Linux and MacOSX 2.8.1

[Mon Mar 22 13:49:35 2021][debug] Log system initialised (File)

[Mon Mar 22 13:49:35 2021][debug] Calling handlers : `start_handler'

[Mon Mar 22 13:49:35 2021][debug] [download] Calling download_start_handler

[Mon Mar 22 13:49:35 2021][debug]  - LWP loaded

[Mon Mar 22 13:49:35 2021][debug]  - LWP::Protocol::https loaded

[Mon Mar 22 13:49:35 2021][debug] [snmpscan] Calling snmp_start_handler

[Mon Mar 22 13:49:35 2021][debug]  - Net::SNMP loaded

[Mon Mar 22 13:49:35 2021][debug] Compress::Zlib is available.

[Mon Mar 22 13:49:35 2021][debug] Calling handlers : `prolog_writer'

[Mon Mar 22 13:49:35 2021][debug] sending XML

[Mon Mar 22 13:49:35 2021][debug] sending: <?xml version="1.0" encoding="UTF-8"?>

<REQUEST>

  <DEVICEID>ocs-2021-03-22-11-52-34</DEVICEID>

  <QUERY>PROLOG</QUERY>

</REQUEST>

[Mon Mar 22 13:49:35 2021][error] Cannot establish communication : 500 Can't connect to 192.168.4.70:443 (hostname verification failed)

[Mon Mar 22 15:03:39 2021][error] Cannot establish communication : 500 Can't connect to 192.168.4.70:443 (hostname verification failed)

[Mon Mar 22 15:05:25 2021][error] Cannot establish communication : 500 Can't connect to seal:443 (hostname verification failed)

[Mon Mar 22 15:14:53 2021][error] Cannot establish communication : 500 Can't connect to seal:443 (hostname verification failed)

[Mon Mar 22 15:17:02 2021][error] Cannot establish communication : 500 Can't connect to seal:443 (hostname verification failed)

[Mon Mar 22 15:19:41 2021][error] Cannot establish communication : 500 Can't connect to seal:443 (hostname verification failed)

The data is sent to the server via http. I'm trying to configure SNMP. Help me figure it out.

in OCS Inventory NG agent for Unix by (240 points)
Share on
share on gp share on fb share on tw share on li

5 Answers

0 votes
Hi,

seal hostname could be dns resolved ?

Regards

Frank
by (88.5k points)
0 votes

I have an agent on the Debian server itself, I tried changing the OCS agent configuration file:

https://localhost/ocsinventory

https://127.0.0.1/ocsinventory

https://127.0.1.1/ocsinventory

I get the same errors in the logs, and if I open the address https://seal/ocsreports, then there is access, i.e. the Web interface works

Log:

[Tue Mar 23 03:19:01 2021][error] Cannot establish communication : 500 Can't connect to seal:443 (hostname verification failed)

[Tue Mar 23 03:19:01 2021][info] No previous PROLOG_FREQ found - using fallback delay(3600 seconds)

[Tue Mar 23 09:36:33 2021][info] Accountinfo file doesn't exist. I create an empty one.

[Tue Mar 23 09:36:33 2021][error] Cannot establish communication : 500 Can't connect to localhost:443 (hostname verification failed)

[Tue Mar 23 09:44:23 2021][info] Accountinfo file doesn't exist. I create an empty one.

[Tue Mar 23 09:44:23 2021][error] Cannot establish communication : 500 Can't connect to 127.0.0.1:443 (hostname verification failed)

[Tue Mar 23 09:44:58 2021][info] Accountinfo file doesn't exist. I create an empty one.

[Tue Mar 23 09:44:58 2021][error] Cannot establish communication : 500 Can't connect to 127.0.1.1:443 (hostname verification failed)

by (240 points)
0 votes
The cn of the certificate must be the fdqn or ip address of the ocs server not localhost or 127.0.0.1.
by (88.5k points)
0 votes

Thanks for the answer! Indeed, I corrected it and there are no more 500 errors! Tell me what to watch next:

[Tue Mar 23 10:58:14 2021][info] Accountinfo file doesn't exist. I create an empty one.

[Tue Mar 23 10:58:14 2021][info] PROLOG_FREQ has changed since last process(old=,new=24)

[Tue Mar 23 10:58:14 2021][info] [download] Download is off.

[Tue Mar 23 10:58:23 2021][info] [download] Beginning work. I am 2234.

[Tue Mar 23 10:58:23 2021][info] [download] Option turned off. Exiting.

by (240 points)
0 votes
Tell me how I can view information about SNMP, logs. Thanks! Inventory over HTTPS works. It remains to make SNMP work.
by (240 points)
 
Powered by Question2Answer
...