[SOLVED] Websocket connect error

Questions about WAPT Server / Requests and help related to the WAPT server
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Locked
mart03
Messages: 47
Registration: December 26, 2017 - 11:03

February 11, 2020 - 6:38 PM

Specify the installed WAPT version (1.8)
* Specify the server OS (Linux) and version (Debian Buster)
* Specify the OS of the machine used for administration/package creation (Debian Buster)

Good morning,

After installing the Linux Agent package and configuring wapt-get.ini, I encounter the following errors:

Code: Select all

CRITICAL Error: [('x509 certificate routines', 'X509_check_private_key', 'key values mismatch')]
WARNING Websocket connect params: [('x509 certificate routines', 'X509_check_private_key', 'key values mismatch')]
WARNING Websocket connect params: [('x509 certificate routines', 'X509_check_private_key', 'key values mismatch')]
.....
What does this correspond to, please? I think it's related to the certificate...

Here is my configuration file:

Code: Select all

[global]
repo_url=https://XXXX.XXXX.dc/wapt
wapt_server=https://XXXX.XXXX.dc/
use_hostpackages=1
use_kerberos=0
check_certificates_validity=0
verify_cert=0
personal_certificate_path=/opt/wapt/ssl/XXX.crt
THANKS.
Last edited by mart03 on Feb 13, 2020 - 09:01, edited 1 time.
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

February 12, 2020 - 10:42

Code: Select all

personal_certificate_path=/opt/wapt/ssl/XXX.crt

personal_certificate_path is only useful if you want to create packages from the Linux client

The indicated path is therefore incorrect

Note that the private key for wapt (the one used to sign packages) must not be in /opt/wapt!

However, the public key must be in /opt/wapt/ssl/

Once that's done, you can run the command

Code: Select all

wapt-get register
High
mart03
Messages: 47
Registration: December 26, 2017 - 11:03

February 12, 2020 - 11:16

Thank you for your reply.

I removed the personal_certificate_path line

and I can confirm that the public key is indeed in the opt/wapt/ssl folder.
Does it need specific permissions? Owner/group?

Thank you.
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

February 12, 2020 - 12:37

What does the register show?
High
mart03
Messages: 47
Registration: December 26, 2017 - 11:03

February 12, 2020 - 1:49 PM

Here's the return:

Code: Select all

root@XXXX:~# wapt-get register
Using config file: /opt/wapt/wapt-get.ini
Registering host against server: https://XXX.XXXX.dc/
FATAL ERROR : Error: [('x509 certificate routines', 'X509_check_private_key', 'key values mismatch')]
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

February 12, 2020 - 2:43 PM

And :

Code: Select all

wapt-get register -ldebug
High
mart03
Messages: 47
Registration: December 26, 2017 - 11:03

February 12, 2020 - 3:02 PM

Here is :

Code: Select all

wapt-get register -ldebug
2020-02-12 14:58:47,450 DEBUG Default encoding : ascii
2020-02-12 14:58:47,455 DEBUG Setting encoding for stdout and stderr to UTF-8
2020-02-12 14:58:47,455 DEBUG Python path ['/opt/wapt', '/opt/wapt', '/opt/wapt/lib/python2.7', '/opt/wapt/lib/python2.7/plat-x86_64-linux-gnu', '/opt/wapt/lib/python2.7/lib-tk', '/opt/wapt/lib/python2.7/lib-old', '/opt/wapt/lib/python2.7/lib-dynload', '/usr/lib/python2.7', '/usr/lib/python2.7/plat-x86_64-linux-gnu', '/usr/lib/python2.7/lib-tk', '/opt/wapt/lib/python2.7/site-packages']
2020-02-12 14:58:47,455 INFO Using local waptservice configuration /opt/wapt/wapt-get.ini
2020-02-12 14:58:47,456 DEBUG Config file: /opt/wapt/wapt-get.ini
Using config file: /opt/wapt/wapt-get.ini
2020-02-12 14:58:47,468 DEBUG Thread 140067123935040 is connecting to wapt db
2020-02-12 14:58:47,741 DEBUG Using host certificate /opt/wapt/private/f7097310-8436-bf45-ae76-394dd2f63dcf.pem for repo global auth
2020-02-12 14:58:47,848 DEBUG Thread 140067123935040 is connecting to wapt db
2020-02-12 14:58:47,849 DEBUG DB Start transaction
2020-02-12 14:58:47,850 DEBUG DB commit
2020-02-12 14:58:47,966 DEBUG Using host certificate /opt/wapt/private/f7097310-8436-bf45-ae76-394dd2f63dcf.pem for repo wapt auth
2020-02-12 14:58:48,180 DEBUG Using host certificate /opt/wapt/private/f7097310-8436-bf45-ae76-394dd2f63dcf.pem for repo wapt-host auth
2020-02-12 14:58:48,233 INFO User Groups:[]
2020-02-12 14:58:48,234 DEBUG WAPT base directory : /opt/wapt
2020-02-12 14:58:48,234 DEBUG Package cache dir : /opt/wapt/cache
2020-02-12 14:58:48,234 DEBUG WAPT DB Structure version;: 20190606
Registering host against server: https://XXX.XXX.dc/
2020-02-12 14:58:48,234 DEBUG DB Start transaction
2020-02-12 14:58:48,235 DEBUG DB commit
2020-02-12 14:58:48,265 DEBUG DB Start transaction
2020-02-12 14:58:48,266 DEBUG DB commit
2020-02-12 14:58:48,270 DEBUG DB Start transaction
2020-02-12 14:58:48,271 DEBUG DB commit
2020-02-12 14:58:48,461 DEBUG DB Start transaction
2020-02-12 14:58:48,462 DEBUG DB commit
2020-02-12 14:58:48,473 DEBUG Stores cert chain check in cache
2020-02-12 14:58:49,941 DEBUG Loading ssl context with cert /opt/wapt/private/f7097310-8436-bf45-ae76-394dd2f63dcf.crt and key /opt/wapt/private/f7097310-8436-bf45-ae76-394dd2f63dcf.pem
FATAL ERROR : Error: [('x509 certificate routines', 'X509_check_private_key', 'key values mismatch')]
Traceback (most recent call last):
  File "/opt/wapt//wapt-get.py", line 1429, in <module>
    main()
  File "/opt/wapt//wapt-get.py", line 1211, in main
    description=(" ".join(args[1:])).decode(sys.getfilesystemencoding()),
  File "/opt/wapt/common.py", line 5482, in register_computer
    signer = self.get_host_certificate().cn
  File "/opt/wapt/common.py", line 1852, in post
    with self.get_requests_session(surl,use_ssl_auth=use_ssl_auth) as session:
  File "/opt/wapt/common.py", line 1594, in get_requests_session
    session = get_requests_client_cert_session(url=url,cert=cert,verify=self.verify_cert,proxies=self.proxies)
  File "/opt/wapt/waptutils.py", line 779, in get_requests_client_cert_session
    result.mount(url, SSLAdapter(cert[0],cert[1],cert[2],**kwargs))
  File "/opt/wapt/waptutils.py", line 730, in __init__
    super(SSLAdapter, self).__init__(*args, **kwargs)
  File "/opt/wapt/lib/python2.7/site-packages/requests/adapters.py", line 129, in __init__
    self.init_poolmanager(pool_connections, pool_maxsize, block=pool_block)
  File "/opt/wapt/waptutils.py", line 733, in init_poolmanager
    self._add_ssl_context(kwargs)
  File "/opt/wapt/waptutils.py", line 747, in _add_ssl_context
    password=str(self._password))
  File "/opt/wapt/lib/python2.7/site-packages/urllib3/contrib/pyopenssl.py", line 439, in load_cert_chain
    self._ctx.use_privatekey_file(keyfile or certfile)
  File "/opt/wapt/lib/python2.7/site-packages/OpenSSL/SSL.py", line 990, in use_privatekey_file
    self._raise_passphrase_exception()
  File "/opt/wapt/lib/python2.7/site-packages/OpenSSL/SSL.py", line 967, in _raise_passphrase_exception
    _raise_current_error()
  File "/opt/wapt/lib/python2.7/site-packages/OpenSSL/_util.py", line 54, in exception_from_error_queue
    raise exception_type(errors)
OpenSSL.SSL.Error: [('x509 certificate routines', 'X509_check_private_key', 'key values mismatch')]
THANKS :)
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

February 12, 2020 - 6:33 PM

Can you try this?

Code: Select all

rm -f /opt/wapt/private/*.crt
rm -f /opt/wapt/private/*.pem
wapt-get register
High
mart03
Messages: 47
Registration: December 26, 2017 - 11:03

February 13, 2020 - 9:00 AM

Okay, thank you for your help
High
Locked

Return to "WAPT Server"


  • To go further with WAPT