Per Guillaume R.'s suggestion to post these issue to either the user list or user forum rather than post helpful information in tandem with the resolution of the bug ticket submitted, I'll post this here.
There were a lot of 'feature' implementations and 'bug' type configuration issues submitted in the one ticket below that caused the actual agent scripts to not function appropriately, or not work entirely with no log produced. Yes, a SSL "misconfiguration" seems to be the culprit, but this "misconfiguration" can happen and should be logged and at least warned against. There is minimal documentation on the windows installer settings which are just ported from the linux version and you have to go to the linux help to find decent info, but even then it is lacking in detail. The online forum posts and general googling produce half answers that seem to have been abandoned rather than resolved. ------- The Issue at hand: Agent SSL authentication to the GLPI/FusionInventory server when installed via the Windows Installer package does not connect. This may only be affecting the windows installer package implementation and not the actual implementation of the agent on other operating system or when building from source. The below post is copied from the bug ticket #3010 submitted: The windows agent doesn't make a successful connection via SSL [When there are no SSL options configured] (This is the infamous and poorly documented Gateway 500 error that IS successfully logged. Cannot make communication to the server. However, there is no warning regarding SSL authentication or certificate issues.), This occurs when you use https:// for the remote target with no SSL options set. nor does setting the force inventory/discovery options at the end of the installer actually initiate any requests (through the wire[using wireshark,tcpdump]) to the GLPI/FusionInventory server after a re-installation of the windows agent software [Using either different or the same options]. (This should be a bug as every time the software is reinstalled it should perform the tasks dependent on the delay provided by the installer/script or immediately upon completion [clicking 'Finish' on the installer package.] But they don't seem to run within the time specified like it is waiting on an already defined resync time setting [which looks to be undocumented]. Reinstalling, uninstalls the product and reinstalls it, but it doesn't act fresh-- because I immediately got results when using HTTP url within 3 minutes of installation. Perhaps this a defined option that is not cleansed with the uninstall script. (This is more of a bug/feature request because there is no log produced when the above bug is produced. For god sake please implement a wrapper around this section for debugging as everyone should be using SSL on their GLPI server and if they mis-configured the SSL Options- nothing.) There is also absolutely no log file produced regardless of the level of DEBUG set by the installer. Is this debug level of the installer itself or then entire agent system?-- by either the BATCH scripts or perl scripts when this fails- so debugging the issue is difficult without file system/registry real-time analysis. It worked perfectly through regular HTTP. After resetting it from HTTPS to HTTP [For the FusionInventory URL] the inventory was processed, but was delayed a few minutes [Perhaps this was due to the set option 'Delay First Trigger' 3600?]- I have attempted to set this to 0-60 to speed it up for the HTTPS connection but just sat there for 30 minutes doing nothing. Also, (This is a bug related to the SSL options specifically as it totally breaks the user agent web portal- when it has nothing to do with it. The checkbox option 'Enable client HTTP server' is checked and makes no note of using HTTPS, or that the SSL options are for this as it is 2 pages down the installer... checking for this using cmd netstat -abn produces nothing on port 80) The service is running; the option to enable the embedded HTTP server is checked during installation; but the HTTP server never starts on port 80 when you set the settings for SSL in the installer. It miraculously reappears when the SSL settings are removed. (It does, so SSL options being set in the installer breaks, can you confirm?) Server: Ubuntu 14.04.2 Updated Apache2 (Comes with mod ssl enabled.) mysql-server php5 php5-mysql php5-gd plugins directory recursively chmod 755 with chown www-data user/group. Client: (Using x86 version of the installer.) Windows 7 (x64) Professional SP1 The SSL option is confusing in the installer as well, is the the certificate of the signing authority [Public or Private] converted into pem format; or is this the certificate of the server of the GLPI/FusionInventory server that was signed by the CA? [The signing authority makes more sense]. I see it is documented that the 'Certificate URI' is not implemented yet. I've tried both forms and neither work and since the log isn't produced there is nothing to tell me why it failed. Does it need the signing certificate authorities' certificate because it doesn't query the built-in certificate store, where this is already located? ------- End of post #3010. G.R. I believe you could have produced some reasonable answers to the issues above instead of chalking it all up to the "My SSL doesn't work" response. If you have no experience with the windows installer and how it operates, please do not touch a ticket, but add someone who does as a watcher. You could of at the very least, specified which issues in the above ticket were not reproducible and requested further information. Thanks and hope someone can shed some light on these issues I'm facing. Joseph C. _______________________________________________ Fusioninventory-user mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/fusioninventory-user
