Tranquil IT Forum

Published: **April 10, 2018 - 11:00 AM**

Hello,

Server: Debian 9 / WAPT 1.5.1.21
Dev machine / Windows 10

I created a secondary repository, but when I try to install a package on my dev machine from this repository, I get SSL errors. I imagine I need to import the certificate, but I don't know where to find it, or where to put it afterward.
I haven't seen anything about this in the documentation: https://www.wapt.fr/fr/doc/Replicate_Mu ... index.html

If someone could explain this to me...
Thanks in advance.
AND

PS to the admins: I asked this question in the "WAPT packages" section of the forum (along with other questions, by the way). After thinking about it, I thought this might be a more appropriate place... but I can't seem to move the message.

Published: **April 10, 2018 - 11:24 AM**

Good morning

To understand this better:

https://www.wapt.fr/fr/doc/Configuratio ... at-ssl-tls

You have several options; you can generate a CA for HTTPS certificate verification, then simply add the CA as a path for verify_cert.

Another solution is to create an allcert.crt file and place it in ssl\server\

This file will contain all the certificates from the different repositories, allowing for proper verification.

Otherwise, activate a

Code: Select all

wapt-get enable-check-certificate

on the customers

Published: **April 10, 2018 - 2:34 PM**

Hello,

thank you for your reply.
The documentation you provided, and the `wapt-get enable-check-certificate` command, allow me to retrieve the server's certificate. I have no problem with this certificate.
The problem lies with the secondary repository's certificate (only tis-waptrepo is installed on this server).

Published: **April 10, 2018 - 3:34 PM**

Okay,

so I just tried retrieving a package from a web browser. It shed some light on the situation (why didn't I think of that before?).
I do have a certificate problem, but not the one I expected: "
The certificate is not trusted because it is self-signed.
The certificate is only valid for ancien-hostname.

" The created certificate doesn't have the correct hostname ("ancien-hostname" in the lines above). This machine is a virtual server, deployed from a template, and the certificate took the template's name, not the machine's name (which I did change before installing everything else).

Anyway, do you have any idea how I can regenerate an HTTPS certificate on this machine?
Thanks in advance
.

Tranquil IT Forum

SSL problem on secondary repository

SSL problem on secondary repository

Re: SSL problem on secondary repository

Re: SSL problem on secondary repository

Re: SSL problem on secondary repository