Hello,
I'm a fairly new user and I'm having a recurring problem.
I regularly get errors when launching tasks, as indicated in the title. For example:
"Exception: Package file c:\wapt\cache\prefix-package-name.wapt signature is invalid."
The problem is that two days prior, on the same machine, there were no issues.
I haven't regenerated a certificate in the meantime, the agent and server versions match, and the .crt files (I have two administration machines) are present on the client.
Editing the package and re-building/uploading it seems to work, but with a software suite of several gigabytes (or even tens of gigabytes), I'm wasting a lot of time...
Is it possible to resign the packages from the server (Linux) or is there another technique that would prevent me from having to download/upload the packages every time this happens?
Thank you for your help.
signature is invalid
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
-
sfonteneau
- WAPT Expert
- Messages: 2318
- Registered: July 10, 2014 - 11:52 PM
- Contact :
Hello,
in the upcoming version 1.5, there is indeed a script that allows you to re-sign all packages in bulk.
In your case, according to the message, there does seem to be a certificate error in the package.
Are you using the same key on both administration machines?
Recently, with the arrival of the new features, many people have confused the package signing key with the machine key.
Please note, you must use the *.pem file located in c:\private and not the key located in c:\wapt\private\!
in the upcoming version 1.5, there is indeed a script that allows you to re-sign all packages in bulk.
In your case, according to the message, there does seem to be a certificate error in the package.
Are you using the same key on both administration machines?
Recently, with the arrival of the new features, many people have confused the package signing key with the machine key.
Please note, you must use the *.pem file located in c:\private and not the key located in c:\wapt\private\!
Hello,
thank you for your quick reply.
However, I'm not sure I set up WAPT correctly...
On each administration machine, I generated a certificate.
I then pasted the generated .crt file into the c:\wapt\ssl folder on all machines, including the administration machine.
This seemed to solve my problem temporarily (I was getting a "private key does not exist" message on one of the two admin machines), but if I understand your reply correctly, this isn't the right way to do it.
Does this mean there can't be multiple signers?
Thank you and have a good day.
thank you for your quick reply.
However, I'm not sure I set up WAPT correctly...
On each administration machine, I generated a certificate.
I then pasted the generated .crt file into the c:\wapt\ssl folder on all machines, including the administration machine.
This seemed to solve my problem temporarily (I was getting a "private key does not exist" message on one of the two admin machines), but if I understand your reply correctly, this isn't the right way to do it.
Does this mean there can't be multiple signers?
Thank you and have a good day.
-
sfonteneau
- WAPT Expert
- Messages: 2318
- Registered: July 10, 2014 - 11:52 PM
- Contact :
Hello,
your method also works. There can be multiple signers.
However, the machine on which you deploy your packages must have the various certificates.
your method also works. There can be multiple signers.
However, the machine on which you deploy your packages must have the various certificates.
Hello,
so the problem isn't there; the .crt files are copied to the clients every time they start up.
To get back to my first question, you're confirming that version 1.3 doesn't offer the option to sign packages directly from the server?
Even if it has to be done individually, it would still save me time on downloading and uploading.
so the problem isn't there; the .crt files are copied to the clients every time they start up.
To get back to my first question, you're confirming that version 1.3 doesn't offer the option to sign packages directly from the server?
Even if it has to be done individually, it would still save me time on downloading and uploading.
