Tranquil IT Forum

WAPT Server OS Debian / Ouidoze Client 10/7

Hello,

I updated the WAPT server from 1.8.2.7334 to 1.8.2.7373. Everything went smoothly. My 1.8.2.7373 agent can still access the database, but:

- On machines included in the database prior to the update: no problems except on a few rare machines (5%/213)... the reasons for which are unclear and seem obscure (GPO not reinstalled even by force, impossible to install WAPT even manually, etc.).

- When clicking on a newly included machine, I want to authorize packages, but the software tells me: "The user certificate 'blabla....' is not authorized on the selected machine."
When I open the machine edits, it allows me to add packages, but the "save" button remains grayed out, and the changes cannot be saved.

Where did I go wrong?
Thank you in advance.

* GPO issue -> check if the GPO client is down or if the machine account is still valid (machine not in a domain)
* Manual installation issue -> check if an antivirus program is accidentally deleting files
* Unknown certificate deployment issue -> could you have generated a new certificate during your update instead of reusing your existing one?

Hello,
thank you. The first 5% of the problem is clearly my responsibility, and I wasn't expecting help XD.

Regarding my main problem:
The client installs, the machine is added to the database, but it can't retrieve packages, and it's impossible to assign packages to it via the management client.
I don't remember having that option during the update... The certificate shown by the management client is indeed my assigned personal certificate. However, during the upgrade, I didn't perform an NGINX update; could the problem stem from that?

---config-----
personal_certificate_path=C:\private\XXXXXXX.crt
default_ca_cert_path=D:\WAPT\ssl
verify_cert=1

If the certificate had been regenerated, my old personal administration certificate shouldn't work anymore, I believe... but it doesn't... I can still administer the service.
Otherwise, I'm not sure I fully understand the method for creating a client certificate from the master certificate used...

Can using the system management number via the BIOS sometimes cause problems like this?

Thank you in advance.

No, the problem persists after configuring nginx.

In the command line:
`>wapt-get update-status
408, Warning Unable to update server status: OperationalError: attempt to write a readonly database. Wapt server is not available or error in inventory...`.

A ping to the server works perfectly, same configuration, same network circuit.
It works perfectly on some other machines... incomprehensible to me...

Okay, crash test, I reload the server image from 1.8.2.7334, and leave the clients on 1.8.2.7373... it works... then finally no... Something is therefore wrong with the WAPT server update on Debian to 1.8.2.7373.

I'm going to stick with a more stable version, avoiding 7373... too bad about the security vulnerability. But a secure service that doesn't work is less useful than a service that works with a vulnerability.

How can I verify that the correct certificate is being used?

Thank you.