Forum / NoMachine Terminal Server Products / NoMachine admin page issue after load CA certificate
- This topic has 2 replies, 2 voices, and was last updated 4 years, 3 months ago by Aubert887.
-
AuthorPosts
-
September 10, 2020 at 16:46 #29423Aubert887Participant
Hello Sirs,
I can not open the web page admin of NoMachine but the url are certified. So this is what i have done:
firstly, i have copy the crt file and key file provided by CA for my organisation on /usr/NX/etc/keys/host/ht_host_rsa_key and /usr/etc/keys/host/ht_rsa_key.crt, I use NoMachine Enterprise Terminal Server Evaluation – Version 6.11.2
after that i have add the certificate for the host which i have install nomachine-enterprise-terminal-server on the directory /var/NX/nxhtd/.nx/config/client.crt. So this is the errors messages.
Error: Failed to authorize the server certificate.
26579 26590 15:48:49 392.227 Channel/Channel: WARNING! Runnable DaemonReader failed for FD#12.
26579 26590 15:48:49 392.244 Channel/Channel: WARNING! Error is 13, ‘Permission denied’.
26579 26583 15:48:49 392.561 DaemonClientApplication/DaemonClientApplication: WARNING! Session terminated abnormally.
26579 26583 15:48:49 392.618 DaemonClientApplication/DaemonClientApplication: WARNING! Error is 13, ‘Permission denied’.
_NXThreadWrite: ERROR! No signaling channel found.
26579 26579 15:48:49 454.911 DaemonClientApplication/DaemonClientApplication: WARNING! No client running in 0x14adef0.
Info: Connection from 10.229.132.191 port 39322 closed on Thu Sep 10 15:48:49 2020.
Info: Handler with pid 26589 terminated on Thu Sep 10 15:48:49 2020.
Info: Handler started with pid 26677 on Thu Sep 10 15:49:08 2020.
Info: Handling connection from 10.229.132.191 port 39340 on Thu Sep 10 15:49:08 2020.
26667 26676 15:49:08 928.703 Encryptor/Encryptable: ERROR! Failed to authorize the server certificate.
Error: Failed to authorize the server certificate.
26667 26676 15:49:08 928.870 Channel/Channel: WARNING! Runnable DaemonReader failed for FD#12.
26667 26676 15:49:08 928.883 Channel/Channel: WARNING! Error is 13, ‘Permission denied’.
26667 26670 15:49:08 929.109 DaemonClientApplication/DaemonClientApplication: WARNING! Session terminated abnormally.
26667 26670 15:49:08 929.163 DaemonClientApplication/DaemonClientApplication: WARNING! Error is 13, ‘Permission denied’.
_NXThreadWrite: ERROR! No signaling channel found.
26667 26667 15:49:08 995.397 DaemonClientApplication/DaemonClientApplication: WARNING! No client running in 0x14adef0.
Info: Connection from 10.229.132.191 port 39340 closed on Thu Sep 10 15:49:08 2020.
Info: Handler with pid 26677 terminated on Thu Sep 10 15:49:08 2020.
Info: Handler started with pid 27436 on Thu Sep 10 15:53:05 2020.
Info: Handling connection from 10.229.132.191 port 39688 on Thu Sep 10 15:53:05 2020.
27425 27434 15:53:05 633.221 Encryptor/Encryptable: ERROR! Failed to authorize the server certificate.
Error: Failed to authorize the server certificate.
27425 27434 15:53:05 633.397 Channel/Channel: WARNING! Runnable DaemonReader failed for FD#12.
27425 27434 15:53:05 633.414 Channel/Channel: WARNING! Error is 13, ‘Permission denied’.
27425 27428 15:53:05 633.672 DaemonClientApplication/DaemonClientApplication: WARNING! Session terminated abnormally.
27425 27428 15:53:05 633.723 DaemonClientApplication/DaemonClientApplication: WARNING! Error is 13, ‘Permission denied’.
_NXThreadWrite: ERROR! No signaling channel found.
27425 27425 15:53:05 694.617 DaemonClientApplication/DaemonClientApplication: WARNING! No client running in 0x14adef0.
Info: Connection from 10.229.132.191 port 39688 closed on Thu Sep 10 15:53:05 2020.
Info: Handler with pid 27436 terminated on Thu Sep 10 15:53:05 2020.
Info: Handler started with pid 27493 on Thu Sep 10 15:53:08 2020.
Info: Handling connection from 10.229.132.191 port 39696 on Thu Sep 10 15:53:08 2020.
27484 27494 15:53:08 163.403 Encryptor/Encryptable: ERROR! Failed to authorize the server certificate.
Error: Failed to authorize the server certificate.
27484 27494 15:53:08 163.584 Channel/Channel: WARNING! Runnable DaemonReader failed for FD#12.
27484 27494 15:53:08 163.603 Channel/Channel: WARNING! Error is 13, ‘Permission denied’.
27484 27487 15:53:08 163.946 DaemonClientApplication/DaemonClientApplication: WARNING! Session terminated abnormally.
27484 27487 15:53:08 164.032 DaemonClientApplication/DaemonClientApplication: WARNING! Error is 13, ‘Permission denied’.
_NXThreadWrite: ERROR! No signaling channel found.
27484 27484 15:53:08 210.302 DaemonClientApplication/DaemonClientApplication: WARNING! No client running in 0x14adef0.
Info: Connection from 10.229.132.191 port 39696 closed on Thu Sep 10 15:53:08 2020.
Info: Handler with pid 27493 terminated on Thu Sep 10 15:53:08 2020.
Info: Handler started with pid 27604 on Thu Sep 10 15:53:55 2020.
Info: Handling connection from 10.229.132.191 port 39730 on Thu Sep 10 15:53:55 2020.
27595 27605 15:53:55 901.765 Encryptor/Encryptable: ERROR! Failed to authorize the server certificate.
Error: Failed to authorize the server certificate.
27595 27605 15:53:55 901.909 Channel/Channel: WARNING! Runnable DaemonReader failed for FD#12.
27595 27605 15:53:55 901.921 Channel/Channel: WARNING! Error is 13, ‘Permission denied’.
27595 27598 15:53:55 902.358 DaemonClientApplication/DaemonClientApplication: WARNING! Session terminated abnormally.
27595 27598 15:53:55 902.423 DaemonClientApplication/DaemonClientApplication: WARNING! Error is 13, ‘Permission denied’.
_NXThreadWrite: ERROR! No signaling channel found.in addition, i have modified htd.cfg file like this
RewriteEngine On
ReWriteCond %{SERVER_PORT} !^4443$
RewriteRule ^/(.*) https://xxxxxxxxxxxxxxxxxxxxxxxxxxxxx:4443/nxwebplayer [R,L]<VirtualHost xxxxxxxxxxxxxxxxxxxxxx:4443>
ServerAdmin you@example.com
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/?nxwebplayer$ [NC]
RewriteCond %{REQUEST_URI} !^/?(event|eventinit)$
RewriteCond %{REQUEST_URI} !^/?nxplayer/(js|images|style|languages)/.*$
RewriteCond %{REQUEST_URI} !^/?favicon.ico$
RewriteCond %{REQUEST_URI} !^/?$
RewriteRule ^(.*)$ – [F,L]SSLEngine on
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
#server certificate:
SSLCertificateFile “/usr/NX/etc/keys/host/ht_host_rsa_key.crt”#private server key:
SSLCertificateKeyFile “/usr/NX/etc/keys/host/ht_host_rsa_key”#server certificate chain:
#SSLCertificateChainFile “/usr/NX/etc/nomachine-CA.crt”#Certificate Authority (CA):
#SSLCACertificateFile “/usr/NX/etc/nomachine-CA.crt”SSLCipherSuite ALL:!ADH:!EXPORT56:!3DES:+HIGH:+MEDIUM:!RC4:!IDEA-CBC-SHA
SetEnvIf User-Agent “.*MSIE.*” \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>Do you have a solution?
Cordially
Aubert
Attachments:
September 11, 2020 at 17:41 #29453fishermanModeratorBased on your information and the error you got we assume that you had overwrite client certificate that is not related to NoMachine Web access.
please execute following commands as root user
echo "Host:localhost" > /var/NX/nxhtd/.nx/config/client.crt cat /usr/NX/etc/keys/host/nx_host_rsa_key.crt >> /var/NX/nxhtd/.nx/config/client.crt echo "Host:127.0.0.1" >> /var/NX/nxhtd/.nx/config/client.crt cat /usr/NX/etc/keys/host/nx_host_rsa_key.crt >> /var/NX/nxhtd/.nx/config/client.crt chown nxhtd:nxhtd /var/NX/nxhtd/.nx/config/client.crt chmod 600 /var/NX/nxhtd/.nx/config/client.crt
For more details you can check using these articles
– https://www.nomachine.com/DT03O00127#2
– https://www.nomachine.com/AR05P00980September 14, 2020 at 12:04 #29461Aubert887ParticipantThanks Sirs. It’s worked 🙂
-
AuthorPosts
This topic was marked as solved, you can't post.