Tranquil IT Forum

To check something:
You can run this command to verify that the password is correct

The command returns:

RSA private-key: (2048 bit, 2 primes)

then the key below

. The password is correct.

Can you compare the moduli of the PEM and the CRT?

The modulus is different. Hence the problem, I suppose.

Is there a solution?

Hi Valentin,

if the module is different, it means the certificate (truc.crt) wasn't created from the key in question (truc.pem)... A new key was probably created with the same name, or something similar.

You need to check the crt against the one deployed on the client machines (in wapt\ssl). If you can't find the corresponding key, you'll need to create a new private/public key pair, then regenerate the agent and push it back onto the network via GPO or another method.

WAPT security is based on PKI functionality, meaning the agent validates packet signatures against a public certificate deployed on each agent. The packet must be signed with the corresponding private key; otherwise, it will be rejected.

I'm marking this topic as resolved.

Best regards,

Denis

Hello,

I haven't touched my key pair at all. So I have no idea what could have happened to cause the certificate to be different.
I've been using WAPT since September 2022, and the key and certificate were created then.

Anyway, I just regenerated a key pair, re-signed the hosts and packages, and copied the certificate to a machine and tried modifying it there, and it works.

I'm now going to deploy the certificate across the network.

Thank you for your time.