Welcome to OCS Inventory NG community support, where you can ask questions and receive answers from other members of the community.

Please ask questions only in English or French.

Release 2.12.3 available

The official documentation can be found on https://wiki.ocsinventory-ng.org. Read it before asking your question.

Categories

Failed to send HTTP Post request <Peer certificate cannot be authenticated with known CA certificates>

Dear All,

I cannot use my Windows Agent with SSL.

--->Failed to send HTTP Post request <Peer certificate cannot be authenticated with known CA certificates>

I've a CA certificate (DigiCert), but my agent won't communicate.

This is my latest log file (changed MAC/servername):

==============================================================================
Starting OCS Inventory NG Agent on Wednesday, April 20, 2016 13:18:58.
AGENT => Running OCS Inventory NG Agent Version 2.1.1.1
AGENT => Using OCS Inventory NG FrameWork Version 2.1.1.1
AGENT => Loading plug-in(s)
 DLL PLUGIN => Searching for Plug-in DLL(s) in folder <C:\Program Files (x86)\OCS Inventory Agent\plugins>
 DLL PLUGIN => 0 DLL Plug-in(s) succesfully loaded on 0 DLL(s) found
AGENT => Using network connection with Communication Server
 COM PROVIDER => Loading Communication Provider <C:\Program Files (x86)\OCS Inventory Agent\ComHTTP.dll>
AGENT => Using Communication Provider <OCS Inventory NG cURL Communication Provider> Version <2.1.1.1>
AGENT => Sending Prolog
 DID_CHECK => Read DeviceID <WKS2060-2016-04-20-10-57-26> and MACs <F1:48:1C:97:51:AA> in file <ocsinventory.dat>
 COM SERVER => Initializing cURL library for sendRequest
 COM SERVER => Using cURL without server authentication
 COM SERVER => Disabling cURL proxy support
 COM SERVER => Enabling cURL SSL server validation support using CA Bundle <cacert.pem>
 COM SERVER => Sending HTTP Post request to URL <https://myserver0010.sub.mydomain.nl:443/ocsinventory>
 WARNING *** COM SERVER => Failed to send HTTP Post request <Peer certificate cannot be authenticated with known CA certificates>
 COM SERVER => Cleaning cURL library
ERROR *** AGENT => Failed to send Prolog <Peer certificate cannot be authenticated with known CA certificates>
AGENT => Unloading communication provider
AGENT => Unloading plug-in(s)
AGENT => Execution duration: 00:00:01.

==============================================================================

CentOS 7.
The hostname/DNS name is used in the request file csr for the certificate.
The DNS name is added to the hosts file.
I'm using a:
SSLCertificateFile (crt) and SSLCertificateChainFile (crt) on the hostserver.
The agent is using the cacert.pem (SSLCertificateFile + SSLCertificateChainFile)

The osc-inventory is https working.

I've tested also without the SSLCertificateChainFile on the server and local pem file. Didn't help.

What is going wrong?

Thanks.

Best,

Roy

in OCS Inventory NG agent for Windows by (160 points)
Share on
share on gp share on fb share on tw share on li

1 Answer

0 votes
Anyone who maybe got an idea what is going wrong?
by (160 points)
 
Powered by Question2Answer
...