I’m having all kinds of cert problems on our test ICG. Our test client device is giving me an error of failing to get ICG certificate. The remote installation of the ICG was simple. We don’t have to install our wildcard cert on the client device do we?
can you describe a bit how you setup the ICG? I mean especially how you created the keystore.
We have a wildcard cert for our cherryhealthonline.net cherryhealthonline.net samespace. My systems team leader converted it from a .crt file to a .pem file. Then, followed all the steps laid out in the KB article: kb.igel.com/igelicg-2.01/installing-the-igel-cloud-gateway-20705738.html
Deployment is smooth. Then, when trying to configure a client locally, it gives a failed to get certificate error
is the ICG adress you enter in the wizard, the same you entered inside the Keystore creation?
Yes, as far as I see. The only real difference in our environment and the KB to my knowledge is we do not have an intermediate cert. But, my knowledge on certificate management is pretty shallow.
I’m thinking my manager may have converted the wrong key. Exploring further
Actually, it looks like it may be expired.
If you want to check the general function, you could add the public IP to your certkeystore and reinstall the ICG with one. If the IP works then (you will have to forward a part of the Fingerprint), you can sort other issues out.
Oh ok! Fair point! In addition, please check the time of endpoint / ICG / UMS. They should be in sync.
Well, figured out the cert error. Turns out my manager accidentally screwed up the NAT. Newest issue is getting the UMS Agent to register the device. Now, this UD Pocket had previously been licensed when on an internal network. Will that affect UMS behavior when trying to get registered from the outside? I’ve deleted the ‘hardware’ from the original license (We do primarily automatic deployment) and reset the firmware on the device. It’s getting connected to the ICG, but not registering in UMS. Is there some setting in the UMS Administration that I may be missing?
About the only thing that is different from the KB articles is the “UMS Structure Tag” field. I’m not seeing that in any of the KB articles
Created a structure tag in default default directory rules and tried that. Still failed.
Continue reading and comment on the thread ‘Having cert problems on our test IGEL ICG – test client device is giving me an error of failing to get ICG certificate’. Not a member? Join Here!
Learn more, search the IGEL Knowledge Base
Ask a question or comment on the above messasge thread?Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.
Submit a question, or Join Today!
Popular Message Threads
- USB webcams in combination with RDP on IGEL OS?
- IGEL OS on Raspberry Pi?
- After upgrading to IGEL OS 11.04.200.01 my Citrix Storefront configuration does not work anymore – Error adding store: AM_ERROR_AUTH_NETWORK_ERROR
- Citrix session crashes with black screen, any advice and how do I find logging?
- Can I to use Remote desktop and webcam support via a thin client with IGEL software?
- IGEL UMS Universal Update Error: “could not resolve host name”
- What is required for Zoom VDI/Zoom Media Plugin for Citrix on IGEL OS?