Ubuntu – Ubuntu Landscape – Server certificate verification failed

certificateslandscapessl

I've installed Landscape on a new install of Ubuntu 16.04, and I am trying to register clients with it. We have created a CA and signed our certificate (https://help.landscape.canonical.com/LDS/SSL). We also added the certificate to the trusted certificates on the client.

Now we try to connect our client (Ubuntu 16.04) to the Server with the following command:

sudo landscape-config --computer-title "Agent" --account-name standalone  --url https://landskap/message-system --ping-url http://landskap/ping --ssl-public-key=/etc/ssl/certs/landscape_server_ca.pem

After the configuration dialog this error message appears:

The server's SSL information is incorrect, or fails signature verification!
If the server is using a self-signed certificate, please ensure you supply it with the –ssl-public-key parameter.

Yes our server is called 'Landskap'…

We've checked on the client, if there is any additional information in /var/log/landscape/broker.log and found the following error entry.

PyCurlError: Error 60: server certificate verification failed. CAfile: /usr/local/share/ca-certificates/landscape_server_ca.crt CRLfile: none
2017-04-18 14:08:38,978 ERROR    [MainThread] Message exchange failed: server certificate verification failed. CAfile: /usr/local/share/ca-certificates/landscape_server_ca.crt CRLfile: none
2017-04-18 14:08:38,978 INFO     [MainThread] Message exchange failed.
2017-04-18 14:08:38,979 INFO     [MainThread] Message exchange completed in 0.17s.
2017-04-18 14:09:38,982 INFO     [MainThread] Starting urgent message exchange with https://landskap/message-system.
2017-04-18 14:09:39,149 ERROR    [PoolThread-twisted.internet.reactor-0] Error contacting the server at https://landskap/message-system.
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/landscape/broker/transport.py", line 71, in exchange
    message_api)
  File "/usr/lib/python2.7/dist-packages/landscape/broker/transport.py", line 45, in _curl
    headers=headers, cainfo=self._pubkey, curl=curl))
  File "/usr/lib/python2.7/dist-packages/landscape/lib/fetch.py", line 109, in fetch
    raise PyCurlError(e.args[0], e.args[1])

Please help us 🙁

Best Answer

Unable to test currently, but the Quick Start Guide suggests to add the certificate file to /etc/landscape/client.conf with this line:

ssl_public_key = /etc/landscape/server.pem
Related Question