Plan and progress so far: Moving BigFix from old server
a.domain.com to new server
b.domain.com, masthead is for
old-bigfix.domain.com which is currently a cname for
new-bigfix.domain.com is a cname that points at
b.domain.com and will be used for WebUI/Web Reports. At migration time,
old-bigfix.domain.com will be re-pointed to
b.domain.com. For migration testing,
b.domain.com currently has a
hosts file re-pointing
old-bigfix.domain.com to itself and a few clients have been successfully tested using the same method. SSL Certificate has been generated with
b.domain.com as the subject name and both
new-bigfix.domain.com as alternative names.
Problem: WebUI won’t deal with any certificates or names, stopping the service.
We’d actually just uninstalled WebUI, manually deleting all pertinent files and BES Client Settings, then reinstalled WebUI. First, the WebUI failed with its self-signed cert:
Tue, 07 Nov 2023 16:36:37 -0500 -- [WebUI] WebUISiteDownloader error: HTTP Error 60: SSL peer certificate or SSH remote key was not OK: SSL: no alternative certificate subject name matches target host name 'old-bigfix.domain.com'
old-bigfix.domain.com being the name in the masthead, not the name of any server. The self-signed certificate understandably has a subject name of
B – no
We swapped in the new SSL cert/key into the appropriate Client Settings (
_WebUIAppEnv_WEB_key_FILE) after successfully testing the files with Web Reports and having them work just fine. We also changed the
_WebUIAppEnv_PLATFORM_HOST Client Setting to both
b.domain.com, but get the same error as above.
Gonna submit to HCL Support as well, but wanted to see if anyone here could answer (or at least discuss) before they do.