Hello,
I need to change the WAPT server name. Clients should now contact the server at waptclg.mycompany.fr instead of waptclg01.toto.local.
My DNS records have been updated to point to my server's IP address: waptclg.mycompany.fr.
On the server, which is running Debian 13, I modified the name using
`hostnamectl set-hostname waptclg.mycompany.fr`
and also using
`nano /etc/hosts`.
I assume I need to run `/opt/wapt/waptserver/scripts/postconf.sh`?
What other modifications are necessary? How do I re-certify the server?
I haven't deployed the agent to the workstations yet.
Thank you.
WAPT ENTERPRISE license,
2 WAPT client instances
: soon to reach 2200 on the new instance.
[RESOLVED] Server name change
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
-
dcardon
- WAPT Expert
- Messages: 1929
- Registration: June 18, 2014 - 09:58
- Location: Saint Sébastien sur Loire
- Contact :
Hi Skoizer,
Since the workstations will have the old name in their configuration, the transition will need to be managed carefully. This is the thing you need to pay the most attention to.
Is the old certificate self-signed or not? Is the new one self-signed or not? Is HTTPS certificate verification enabled, pinned (i.e., it points to a certificate file on the server), or does it validate against a standard bundle?
If you update the agents via waptdeploy using GPO, then you just need to recreate an agent with the new configuration (URL + certificate configuration). If there are workstations outside the domain, you need to be careful with the transition so they aren't left behind.
Can the old server remain running in parallel for a while, so you can push an xyz-waptupgrade package with the new configuration?
Best regards,
Denis
Since the workstations will have the old name in their configuration, the transition will need to be managed carefully. This is the thing you need to pay the most attention to.
Is the old certificate self-signed or not? Is the new one self-signed or not? Is HTTPS certificate verification enabled, pinned (i.e., it points to a certificate file on the server), or does it validate against a standard bundle?
If you update the agents via waptdeploy using GPO, then you just need to recreate an agent with the new configuration (URL + certificate configuration). If there are workstations outside the domain, you need to be careful with the transition so they aren't left behind.
Can the old server remain running in parallel for a while, so you can push an xyz-waptupgrade package with the new configuration?
Best regards,
Denis
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
Thank you for your reply.
It was a new WAPT server, so I don't have any clients yet.
I ended up recreating the server from scratch and generating a self-signed certificate for the packages.
Regarding web server verification, I haven't configured the agent to verify the server certificate.
On
Nginx Debian 13, I've installed Let's Encrypt.
I'm copying the self-generated certificates here:
/opt/wapt/waptserver/ssl/key.pem
and /opt/wapt/waptserver/ssl/cert.pem.
If I do this, will the server verification be handled by Let's Encrypt?
It was a new WAPT server, so I don't have any clients yet.
I ended up recreating the server from scratch and generating a self-signed certificate for the packages.
Regarding web server verification, I haven't configured the agent to verify the server certificate.
On
Nginx Debian 13, I've installed Let's Encrypt.
I'm copying the self-generated certificates here:
/opt/wapt/waptserver/ssl/key.pem
and /opt/wapt/waptserver/ssl/cert.pem.
If I do this, will the server verification be handled by Let's Encrypt?
