Where to delete the certificates that cause ‘invalid certificate’ when trying to import an IGEL into UMS?


hey folks, does anyone know where to delete the certificates that cause ‘invalid certificate’ when trying to import an IGEL into UMS? I have remote SSH access to the device, but all the guides I can find say to do a factory reset which I’m trying to avoid.


Hey Chris,

/wfs/server.crt

usually.


thanks again mate


Here is a doc:

github.com/IGEL-Community/IGEL-Docs/blob/main/Docs/HOWTO-Remove-IGEL-Device-License.md


Just reset the device to factory defaults


so this has now become a bit odd. deleted the cert file, rebooted the IGEL, it then imported into UMS fine, but i was unable to push any profiles to it or perform any actions with it due to an invalid certificate error. i arranged for someone onsite to perform a local factory reset which they’ve done. i can again import the device into UMS with no issue (and can see it’s definitely been reset as it’s lost the hostname that had been set on it), but once again i’m unable to perform any actions on it due to ERROR: Certificate Invalid.

a UMS>Device fails instantly. i’ve closed/opened UMS console with no improvement


That usually points into that direction that there is a UMS onsite that takes the device over. Could you check locally, in Igel Setup, under Setup>RemoteManagement which IP is there?


i’ll ask someone on site to check, ta. there should be no other UMS though, we built the whole customer system and this is the only UMS server that was every built. I got them to verify the device can resolve igelrmserver to the correct IP too


Then, just in case… Is there a Firewall which does SSL Splitting and / or Inspection?


not between the igel and ums, nope 😞

is odd, got 200+ otyher uniys working fine

on-site team have just confirmed the IP in that RemoteManagement field is the correct one for the UMS server.


Which Firmware / UMS Version? Is there an AV on UMS Server, if yes, could you disable it and retry?


FW is 10.06.130.01, UMS is 6.05.100. AV.firewall is only built in windows defender/firewall


Hem… Thatβ€˜s weird… Hem… Even if it shouldnβ€˜t play a bigger role in that context: is the time correctly set on the endpoint?

If you open a local terminal, and do a

ping igelrmserver

which IP comes up (if there is one)?


yep, and ping and nslookup return the correct IP, i got them to check that before i asked for a factory reset as that was my first thought too. i’ll get them to check the clock, be funny if timesync was the issue πŸ™‚

all the points to you sir

time and timezone all correct and date looked fine… except it was set to 2049 πŸ™‚


πŸ˜„

very much appreciated!


Did it worked though after setting the right Year ?


yep, instantly fine and sprang to life

profiles pushed out to it and it’s back in use πŸ™‚

i have advised customer to change the BIOS battery while it’s in their office (these are coverted PCs, not UD hardware)


PERFECT!! Glad to help


Set an NTP server and timezone πŸ™‚


Or buy a Delorean everytime you want to register a device @member πŸ˜‡


Oh yes β€” A must for converting old hardware (assume BIOS battery is dead) β€” So make sure all devices have NTP server and timezone set!

Continue reading and comment on the thread ‘Where to delete the certificates that cause ‘invalid certificate’ when trying to import an IGEL into UMS? ‘.  Not a member? Join Here!

Learn more, search the IGEL Knowledge Base



Ask a question or comment on the above messasge thread?

Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.

Submit a question, or Join Today!


Popular Message Threads


Categories & Tags: