Welcome to OCS Inventory NG community support, where you can ask questions and receive answers from other members of the community.

Please ask questions only in English or French.

Release 2.12.3 available

The official documentation can be found on https://wiki.ocsinventory-ng.org. Read it before asking your question.

Change Download Mode portal From http to https

Hi All,

I want to setup my agent download module from http to https. But when i checked the agent log, download module still use http. Any advise?

Thanks
in OCS Inventory NG server for Unix by (200 points)

1 Answer

0 votes

The documentation for Deploying packages is https://wiki.ocsinventory-ng.org/05.Deployment/Deploying-packages-or-executing-commands-on-client-hosts/

For create a package, you need to

- prepare files for the package, and zip/tar.gz them for next step

- create the package : name, description, zip file, action, ... the server create the 'info file' and 'fragments' and ask for 2 url : first for 'info file' and second for 'fragments'

- activate the package : the package is now available

Due the request of 2 url, the server could be different of Communication Server, and the agent receive all informations about package available during exchange with Communication Server. 

As you can read in section' Activating package' : 

Agents will first download the package information file. As this file is very critical, this download must be done using HTP over SSL (HTPS) to ensure that agents can authenticate the deployment server. Next, the download of the package's fragments described in the information file will be done using standard HTP.

So, imho,

- first, the agent get, from Communication Server, packages available with id and the 2 url for download

- second, the agent use first url for downloading the 'info file' (in HTPS)

- third, the agent use second url for downloading 'fragments' files (in HTP, separated of 1 minute).

You can try force HTPS for downloading fragments using the next information

If your HTPS or HTP deployement server works on non standard ports, you can specify working port using the standard notation “server_address:server_port/folder”. For example, your deployement server works on port HTP 8080 and HTPS 4343 on server 192.168.1.1, and packages are located under /download durectory. You must fill in:

htps url: 192.168.1.1:4343/download

htp url: 192.168.1.1:8080/download 

You could try the 443 port for 'fragment url', may be the agent use HTPS due HTPS = HTP over 443 !? Please note, I didn't verify this idea !

If this can help ... 

(I write HTP and HTPS instead of traditionnal ports due the limitation of editor.) 

by (20.1k points)
edited by
 
Powered by Question2Answer
...