IGEL ICG with Wildcard Certificate Error: Could not connect ot Secure Gateway – I/O error on GET request…

Any thoughts on first time setup of ICG with Wildcard Certificate. I’m getting the following error: Could not connect ot Secure Gateway – I/O error on GET request…

Learn more, read the entire thread inside the IGEL Community o Slack

Firewall in the way?

There is a firewall, but we opened 22 and 8443

Weird, it looks like you have a DNS name and an IP address in the string.

Or maybe that is the resolved IP?

its the resolved IP of our IGEL ICG Server in our DMZ

Can/should this URL igelcgw.fchn.com:8443 be accessed publicly?

It should be

but i see it isn’t

@member should this work even before I apply the ICG installation. without the 8443

could it be something my linux guy didn’t setup right

It should not work until it’s applied. They exported keystore from the UMS includes the certificates necessary to setup the Apache web server on the ICG. Until the keystore is applied it won’t work.

Does the ICG installation not import those? @member

It should during installation. Did you do a remote install or a manual installation?

I’m doing a remote install

Understood. So the installation completed without error? Looking at this KB, here: kb.igel.com/igelicg-2.02/en/installing-the-igel-cloud-gateway-31601074.html

The installation completes successfully, but then after I put the host after, it fails

Should I have my UMS server route out and back in and not use a separate IP?

DMZ IP VS external

im using the FQDN

That should be ok. What is the host DNS name you’re using?

igelcgw.fchn.com igelcgw.fchn.com

Gotcha. Are you inputting anything into the external host entry?

I was, but i just tried without

and same result

i see the instructions use an IP and not a host name

maybe i should try that

They do on the internal path. For your clients to be able to reach the ICG, you’d then need an external path tied to the certificate as a DNS name, in this case, igelcgw.fchn.com igelcgw.fchn.com

ok I’ll try IP and fqdn for external

Interestingly enough, the port monitor of that host showed the following:

interesting. Looks like my guys dropped the ball

22 is open, 8443 is not,probably related to the yet to be completed setup of the iCG.

But, TBD.

ok thanks for the info

i’ll try some things

If there is a firewall on that Linux box that could explain some things.

I’ll double check with my linux admin


Here’s the PowerShell command you can use to test connectivity to that box, just change the port:

Test-NetConnection -InformationLevel detailed -ComputerName igelcgw.fchn.com igelcgw.fchn.com -Port 22

its itneresting because I told them to turn off 22 from the outside

Testing in Putty, I can definitely hit SSH to that address. I get a login prompt.

Maybe they flipped it, anyways, we’re here to help, let us know.

thank you for your help!


i know I can get it to work cause I did it all on my own machines before our production environment, but I have to go through the right channels on the Production 😛

Totally get it.

Lmao, I know see 22 closed down.



Do you think a wildcard cert could affect this?

No, I use one on my ICG from Let’s Encrypt

I see 8443 open now

I’m wondering if I should just do an install without the remote installer

or maybe you know the command to check the firewall port? on the server

Continue reading and comment on the thread ‘IGEL ICG with Wildcard Certificate Error: Could not connect ot Secure Gateway – I/O error on GET request…’.  Not a member? Join Here!

Learn more, search the IGEL Knowledge Base

Ask a question or comment on the above message thread?

Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.

Submit a question, or Join Today!

Popular Message Threads

Categories & Tags: