Welcome to OCS Inventory NG community support, where you can ask questions and receive answers from other members of the community.

Please ask questions only in English or French.

Release 2.12.3 available

The official documentation can be found on https://wiki.ocsinventory-ng.org. Read it before asking your question.

no connection over https for windows clients

Hi Team,
I have configured my OCSinventory server with valid certificates. but when I try to sync my OCS windows client systems over HTTPS it's not getting sync & getting below error.
(ERROR * AGENT => Failed to send Prolog <SSL peer certificate or SSH remote key was not OK>)

I am able to sync my OCS clients from Linux & MAC OS over HTTPS. facing issue with windows clients only.


Please find below details of the server.
Server details
OS: Debian 10 buster
OCS server version: 2.8
WebServer : Apache (2.4.38-3+deb10u5)

in OCS Inventory NG agent for Windows by (260 points)

4 Answers

+1 vote
Hi,

What is the value of the cn field in the certificate ? What is the value of the server variable in ocsinventory.ini file ?
by (90.4k points)
0 votes
here is my ocsinventory.ini file details

[OCS Inventory Agent]

ComProvider=ComHTTP.dll

Debug=0

Local=

NoSoftware=0

HKCU=0

NoTAG=0

IpDisc=

[HTTP]

Server=https://abc.xyz.net/ocsinventory

SSL=1

CaBundle=C:\temp\cacert.pem

AuthRequired=0

User=

Pwd=

ProxyType=0

Proxy=

ProxyPort=0

ProxyAuthRequired=0

ProxyUser=

ProxyPwd=

[OCS Inventory Service]

TTO_WAIT=420

INVENTORY_ON_STARTUP=0
by (260 points)
edited by
0 votes

The error message give indication for an error with the certificate.

I suggest to verify it with a navigator (Firefox, Chrome) with the url https://server/ocsreports : you can get information of the certificate and build correctly the file cacert.pem.

The file 'cacert.pem' need to have the first certificate, then the second, then the third (here case of a wildcard signed certificate), each exported as 'X509 base 64 encoded .cer'.

May be better to save the 'cacert.pem' in the folder %programdata%\OCS Inventory NG\Agent ?

by (20.1k points)
edited by
0 votes
Hey,
We have resolved this issue by generating a self-sign certificate on the OCS server.
by (260 points)
 
Powered by Question2Answer
...