WAPT Server OS Debian / Ouidoze Client 10/7
Hello,
I updated the WAPT server from 1.8.2.7334 to 1.8.2.7373. Everything went smoothly. My 1.8.2.7373 agent can still access the database, but:
- On machines included in the database prior to the update: no problems except on a few rare machines (5%/213)... the reasons for which are unclear and seem obscure (GPO not reinstalled even by force, impossible to install WAPT even manually, etc.).
- When clicking on a newly included machine, I want to authorize packages, but the software tells me: "The user certificate 'blabla....' is not authorized on the selected machine."
When I open the machine edits, it allows me to add packages, but the "save" button remains grayed out, and the changes cannot be saved.
Where did I go wrong?
Thank you in advance.
Updated to version 1.8.2.7373 from version 1.8.2.7334
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
-
dcardon
- WAPT Expert
- Messages: 1932
- Registration: June 18, 2014 - 09:58
- Location: Saint Sébastien sur Loire
- Contact :
* GPO issue -> check if the GPO client is down or if the machine account is still valid (machine not in a domain)
* Manual installation issue -> check if an antivirus program is accidentally deleting files
* Unknown certificate deployment issue -> could you have generated a new certificate during your update instead of reusing your existing one?
* Manual installation issue -> check if an antivirus program is accidentally deleting files
* Unknown certificate deployment issue -> could you have generated a new certificate during your update instead of reusing your existing one?
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
Hello,
thank you. The first 5% of the problem is clearly my responsibility, and I wasn't expecting help XD.
Regarding my main problem:
The client installs, the machine is added to the database, but it can't retrieve packages, and it's impossible to assign packages to it via the management client.
I don't remember having that option during the update... The certificate shown by the management client is indeed my assigned personal certificate. However, during the upgrade, I didn't perform an NGINX update; could the problem stem from that?
---config-----
personal_certificate_path=C:\private\XXXXXXX.crt
default_ca_cert_path=D:\WAPT\ssl
verify_cert=1
If the certificate had been regenerated, my old personal administration certificate shouldn't work anymore, I believe... but it doesn't... I can still administer the service.
Otherwise, I'm not sure I fully understand the method for creating a client certificate from the master certificate used...
Can using the system management number via the BIOS sometimes cause problems like this?
Thank you in advance.
thank you. The first 5% of the problem is clearly my responsibility, and I wasn't expecting help XD.
Regarding my main problem:
The client installs, the machine is added to the database, but it can't retrieve packages, and it's impossible to assign packages to it via the management client.
I don't remember having that option during the update... The certificate shown by the management client is indeed my assigned personal certificate. However, during the upgrade, I didn't perform an NGINX update; could the problem stem from that?
---config-----
personal_certificate_path=C:\private\XXXXXXX.crt
default_ca_cert_path=D:\WAPT\ssl
verify_cert=1
If the certificate had been regenerated, my old personal administration certificate shouldn't work anymore, I believe... but it doesn't... I can still administer the service.
Otherwise, I'm not sure I fully understand the method for creating a client certificate from the master certificate used...
Can using the system management number via the BIOS sometimes cause problems like this?
Thank you in advance.
No, the problem persists after configuring nginx.
In the command line:
`>wapt-get update-status
408, Warning Unable to update server status: OperationalError: attempt to write a readonly database. Wapt server is not available or error in inventory...`.
A ping to the server works perfectly, same configuration, same network circuit.
It works perfectly on some other machines... incomprehensible to me...
Okay, crash test, I reload the server image from 1.8.2.7334, and leave the clients on 1.8.2.7373... it works... then finally no... Something is therefore wrong with the WAPT server update on Debian to 1.8.2.7373.
I'm going to stick with a more stable version, avoiding 7373... too bad about the security vulnerability. But a secure service that doesn't work is less useful than a service that works with a vulnerability.
How can I verify that the correct certificate is being used?
Thank you.
In the command line:
`>wapt-get update-status
408, Warning Unable to update server status: OperationalError: attempt to write a readonly database. Wapt server is not available or error in inventory...`.
A ping to the server works perfectly, same configuration, same network circuit.
It works perfectly on some other machines... incomprehensible to me...
Okay, crash test, I reload the server image from 1.8.2.7334, and leave the clients on 1.8.2.7373... it works... then finally no... Something is therefore wrong with the WAPT server update on Debian to 1.8.2.7373.
I'm going to stick with a more stable version, avoiding 7373... too bad about the security vulnerability. But a secure service that doesn't work is less useful than a service that works with a vulnerability.
How can I verify that the correct certificate is being used?
Thank you.
