Help

Apache https not working on JDS

Hafiz
New Contributor II

Posted on ‎09-17-2015 02:43 AM

I can certainly enrol my CentOS 7 JDS instance into my JSS. The JDS shows up correctly in the JSS with it's information filled in.

However, whenever I try and push a policy to a MacBook there is an error (see below, package from JDS fails to install although a test script held on the JSS does run on the test MacBook). Therefore, it seems my JDS does not allow a connection or maybe the apache https is misconfigured. Does someone know how I could troubleshoot this?
Just not sure how the apache https is configured, I mean which sequence of config files are looked at in /etc/httpd? I can see a jds.conf file in /etc/httpd/conf.d, and I assume that is the https configuration file that the JDS is using to present a https service?

Also, can I keep joining and rejoining the JDS to the JSS without problems by executing the JDS-Linux-Installer-9.73.run file?

Executing Policy TestPolicy...
Downloading TestManageEngine.pkg...
Downloading https://sscvlqmljds001/CasperShare/TestManageEngine.pkg...
The network connection was interrupted while downloading the package from https://sscvlqmljds001/CasperShare/TestManageEngine.pkg. Attempting to reconnect...
Downloading TestManageEngine.pkg...
Downloading https://sscvlqmljds001/CasperShare/TestManageEngine.pkg...
Error: TestManageEngine.pkg is not available on the HTTP server.
Running script testcasper.sh...
Script exit code: 0
Script result:

0 Kudos
2 REPLIES 2

Josh_S
Contributor III

Posted on ‎09-17-2015 11:32 AM

If you attempt to connect, via a web browser, to https://sscvlqmljds001, do you get any certificate errors? If so, that might help guide you to what the problem is. You may want to try from another, managed, computer in case you've already dismissed any certificate warnings on your computer. You can also examine the certificate details within the browser, it's usually a little "lock" icon near/on the address bar.

Do you have any problem downloading the file manually, via web browser at that address?

I would, highly, recommend that you use fully qualified domain names (FQDN) as well. Short-names require a specific client-side configuration to function. While they're okay for general usage, I would never allow them to be used in my management infrastructure.

As far as I'm aware, there is no problem with repeatedly re-enrolling a JDS.

0 Kudos

Hafiz
New Contributor II

Posted on ‎09-18-2015 10:10 AM

@Josh_S Thanks! It turns out this was a firewalling issue on the server. When I turned off the firewall it was fixed. Just need to figure out what ports and services to allow after switching the firewall back on. CentOS 7 is quite good fun! I now have a JSS, JDS and Netboot server (with docker container) all communicating together and running off CentOS 7, I never thought that would be possible :)

0 Kudos