Hello,
We have been your customers for one year, and I have been using your product for five years. I wanted to update our platform, adhering to all the prerequisites, but I encountered significant problems.
I observed a change in the product's behavior in versions 2.3 and 2.4.
In fact, I tried updating our server, and it caused a major disruption across the entire network. Consequently, I set up a new server on Debian 12, and I am experiencing the same issue.
I will explain my problem to you.
We have a WAPT server (with two network cards) on two separate networks (PEDA and ADMIN) because we have two domains.
Previously, on the PEDA and ADMIN networks, when I installed the agent (we assigned the WAPT server's IP address to the corresponding network), it automatically registered the machine (peda or admin) with the server via HTTPS.
Since the update to version 2.3 or 2.4, only the PEDA machines register via HTTPS. The machine doesn't appear in the ADMIN console unless I use HTTP.
Could you please help me understand the difference since version 2.2?
I look forward to your reply.
Sincerely,
HTTPS problem with WAPT 2.3 or 2.4
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
-
sfonteneau
- WAPT Expert
- Messages: 2318
- Registered: July 10, 2014 - 11:52 PM
- Contact :
Hello,
what is your registration method? (Kerberos - without authentication)?
Is the WAPT server web interface accessible from both networks?
What is the output of the `wapt-get register` command on the workstations?
Simon
what is your registration method? (Kerberos - without authentication)?
Is the WAPT server web interface accessible from both networks?
What is the output of the `wapt-get register` command on the workstations?
Simon
Hello,
First of all, thank you for your quick response. I'm replying late because we have a significant time difference.
My registration mode is "without authentication," chosen in the post-configuration
: -----------------------------------------------------------------------------------------------------------------------------
"WaptAgent Authentication type?
-------------------------------------------------------------------------------------------------------------------------------------
(*) 1 Allow unauthenticated registration, same behavior as wapt 1.3"
The web interface is accessible via both network IPs.
From the PEDA network on a workstation, the command "wapt-get register" gives the following result:
C:\Windows\System32>wapt-get register
Using config file: C:\Program Files (x86)\wapt\wapt-get.ini
Registering host against server: https://10.0.11.234
Host correctly registered against server https://10.0.11.234.
From the ADMIN network on a workstation, the command "wapt-get register" gives the following result:
C:\Windows\System32 >wapt-get register
Using config file: C:\Program Files (x86)\wapt\wapt-get.ini
Registering host against server: https://10.0.18.106
FATAL ERROR: EWaptExXception: Unable to register: waptserver https://10.0.18.106 not available
Seeing a problem, I performed a ping to demonstrate that the workstation has access to the server.
C:\Windows\System32>ping 10.0.18.106
Sending a Ping request to
10.0.18.106 with 32 bytes of data:
Reply from 10.0.18.106: bytes=32 time
Reply from 10.0.18. 106: bytes=32 time
Reply from 10.0.18.106: bytes=32 time=1 ms TTL=64
Reply from 10.0.18.106: bytes=32 time=3 ms TTL=64
Ping statistics for 10.0.18.106:
Packets: sent = 4, received = 4, lost = 0 (0% loss),
Approximate round-trip times in milliseconds:
Minimum = 0ms, Maximum = 3ms, Average = 0ms
Regards,
First of all, thank you for your quick response. I'm replying late because we have a significant time difference.
My registration mode is "without authentication," chosen in the post-configuration
: -----------------------------------------------------------------------------------------------------------------------------
"WaptAgent Authentication type?
-------------------------------------------------------------------------------------------------------------------------------------
(*) 1 Allow unauthenticated registration, same behavior as wapt 1.3"
The web interface is accessible via both network IPs.
From the PEDA network on a workstation, the command "wapt-get register" gives the following result:
C:\Windows\System32>wapt-get register
Using config file: C:\Program Files (x86)\wapt\wapt-get.ini
Registering host against server: https://10.0.11.234
Host correctly registered against server https://10.0.11.234.
From the ADMIN network on a workstation, the command "wapt-get register" gives the following result:
C:\Windows\System32 >wapt-get register
Using config file: C:\Program Files (x86)\wapt\wapt-get.ini
Registering host against server: https://10.0.18.106
FATAL ERROR: EWaptExXception: Unable to register: waptserver https://10.0.18.106 not available
Seeing a problem, I performed a ping to demonstrate that the workstation has access to the server.
C:\Windows\System32>ping 10.0.18.106
Sending a Ping request to
10.0.18.106 with 32 bytes of data:
Reply from 10.0.18.106: bytes=32 time
Reply from 10.0.18. 106: bytes=32 time
Reply from 10.0.18.106: bytes=32 time=1 ms TTL=64
Reply from 10.0.18.106: bytes=32 time=3 ms TTL=64
Ping statistics for 10.0.18.106:
Packets: sent = 4, received = 4, lost = 0 (0% loss),
Approximate round-trip times in milliseconds:
Minimum = 0ms, Maximum = 3ms, Average = 0ms
Regards,
Hello again,
After investigating, I found the problem:
When I install the agent on a machine on the ADMIN network, I configure the IP address manually. Here is the "wapt-get.ini" file after installation:
[global]
repo_url=https://10.0.18.106/wapt
send_usage_report=1
use_hostpackages=1
wapt_server=https://10.0.18.106
max_gpo_script_wait=180
pre_shutdown_timeout=180
hiberboot_enabled=0
Notice that the "verify_cert" parameter is missing. Once I add it, everything works correctly.
By default, the parameter is set correctly.
Do you have an explanation for this issue?
Best regards,
After investigating, I found the problem:
When I install the agent on a machine on the ADMIN network, I configure the IP address manually. Here is the "wapt-get.ini" file after installation:
[global]
repo_url=https://10.0.18.106/wapt
send_usage_report=1
use_hostpackages=1
wapt_server=https://10.0.18.106
max_gpo_script_wait=180
pre_shutdown_timeout=180
hiberboot_enabled=0
Notice that the "verify_cert" parameter is missing. Once I add it, everything works correctly.
By default, the parameter is set correctly.
Do you have an explanation for this issue?
Best regards,
-
sfonteneau
- WAPT Expert
- Messages: 2318
- Registered: July 10, 2014 - 11:52 PM
- Contact :
-
sfonteneau
- WAPT Expert
- Messages: 2318
- Registered: July 10, 2014 - 11:52 PM
- Contact :
So verify_cert will disappear if the IP address is entered manually?
-
sfonteneau
- WAPT Expert
- Messages: 2318
- Registered: July 10, 2014 - 11:52 PM
- Contact :
I'm running a test and will get back to you to confirm the bug in version 2.4.
