Agent logging Wrong Certificate Error

Automated deployment for web applications and databases

Agent logging Wrong Certificate Error

Postby skycaptain » Mon Jun 16, 2014 12:22 pm

Hi,
I've just checked the windows log viewer and I found a lot of errors of type
Could not establish a trust relationship because the other party was using the wrong certificate; the key of the certificate they provided was:xxx while we would have accepted: xxx
I am certain that the key entered was the corect one! where is this key saved? I may take a look myself and see what's in there.

Thanks
SkyCaptain
skycaptain
 
Posts: 15
Joined: Sun May 11, 2014 10:29 am
Location: London

Postby Mike Upton » Wed Jun 18, 2014 8:02 am

You can find the server key (which is the one the agent error log is complaining about) by going to your Deployment Manager web interface, and navigating to Settings->Server Key (http://{your_deployment_manager_address}/configuration/certificates).

You should also be able to tell whether the trust relationship between the server and agent is correct by performing a health check in the server. If an agent doesn't trust the server, it will show up as an offline agent.
Mike Upton

Project Manager - SQL Compare|Data Compare|Comparison SDK
Redgate Software Ltd.
Mike Upton
 
Posts: 189
Joined: Wed May 11, 2011 8:04 am
Location: Redgate

Could not establish a trust relationship

Postby skycaptain » Mon Jun 23, 2014 10:31 am

Hi Mike,
Thanks for your reply. The health check shows OK. However, I#ve just found out that the agent was used with another server (and another server key) and this is why we keep getting
RedGate.Deploy.Agent.Services.AgentServiceHostStarter [(null)] - Could not establish a trust relationship because the other party was using the wrong certificate; the key of the certificate they provided was: CERT1 while we would have accepted: CERT2.
The current server's key is CERT2, but for some reason is seems to be picking the old DM's key. I understand it may not be fatal but some concerns have been raised since there is an error in windows log viewer every few minutes. I thought there may be a way the agent can forget the old server.
SkyCaptain
skycaptain
 
Posts: 15
Joined: Sun May 11, 2014 10:29 am
Location: London

Postby Mike Upton » Mon Jun 23, 2014 11:08 am

That message in the log only happens when a server tries to make contact with the agent with an unrecognised key, so it would appear that your old server is still alive and trying to talk to the agent. You need to remove the agent from the old server's list of machines (in the Environments tab).
Mike Upton

Project Manager - SQL Compare|Data Compare|Comparison SDK
Redgate Software Ltd.
Mike Upton
 
Posts: 189
Joined: Wed May 11, 2011 8:04 am
Location: Redgate


Return to Deployment Manager

Who is online

Users browsing this forum: No registered users and 0 guests