I’ve temporarily signed a Public SSL cert to test out IGEL Cloud Gateway before assigning any official certificates ans such to it. My IGEL keeps saying failed to get certificate from server. When I go to the server, it appears the certificate is successfully installed and valid.
Hey @member, I am confused, that looks like a Windows dialogue. ICG should be a Linux OS, how are you looking at that?
I was pulling up the server vai a web browser to see the cert it had. ICG is deployed on an Ubuntu machine
Can you send the error from the IGEL device?
Maybe me testing this with the IGEL Device within our domain isn’t ideal?
It may also be that IGEL doesn’t have the let’s encrypt ca in it’s trusted list :thinking_face:
the ICG is setup with a routable external DNS host name?
Yep i put icg.scheetz.io icg.scheetz.io in DNS as an A record
I may have to end up getting our Godaddy cert and my manager to make dns changes to try that way if this isn’t working as a test
Were the Root and Intermediate Certs imported?
Sorry forgot to update. Chris worked with me and found the problem was a routing issue. Clients external of my internal domain can connect, but not internal. I just need to fix that with a DNS entry if I choose.
We got the exact same issue and I have no idea what to try next.
1. We checked the timezone settings on both the icg server (Ubuntu) and the client device
2. Port 443 tcp is open externally and on ICG
3. Our external dns is set with an A record and point to the right external IP address
4. Certificate chain looks fine to me
From UMS certificates looks fine as well
You need to have 8443 open
I use 443 not 8443
I don’t believe you can change the port
Yes, it shows that you can, but you cannot actually change it
Try using 8443
oh dang I thought they fixed that, oh well nmap dont lie
thanks I’ll try with 8443
You will probably need to re-install and change the port to 8443 in your configuration
I probably installed 12 times already, what’s 1 more time
Yes, but depending on the OS that may not just work. I don’t think it does
Try on 8443 and see if it works
I will, thanks for the quick reply. That doc need to be adjusted!
Ah wait
I just tested with my device
On the device enter: icg.getvpro.com:443 icg.getvpro.com:443 for the ICG URL
ok
ok well the wizard need to be updated to point to 443 by default 😄
Makes sense actually, the IGEL rmagent will look for 8443 because that is what was always used
yeah right
old windows habit
😛
Enjoy, I am off to take my dog for a walk and enjoy the nice weather while it lasts 🙂
Continue reading and comment on the thread ‘IGEL OS getting “failed to get certificate from server” error’. Not a member? Join Here!
Learn more, search the IGEL Knowledge Base
Ask a question or comment on the above message thread?
Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.Submit a question, or Join Today!