Basic setup issue


#1

Hi,

i am new to deadline, setting up repo and client on the same workstation (ws1) and another client to 2nd workstation (ws2). i carefully went through the advanced installation guides.

the issue with (ws1) is at slave startup error [ Could not connect to deadline Repository - Error encountered when loading the configuired Client Certificate (C:\DeadlineDatabase10\certs\Deadline10Client.pfx) Its likely either an envalid x.509 certificate, or the wrong passphrase was provided - Full error : Access denied ]

the issue with (ws2) is at slave startup error [ Could not connect to deadline Repository - Could not connect to any of the specified Mongo DB servers ( \ws1;192.168.1.5 ). The following errors was encountered :

  • the remote certificate is invalid according to the validation procedure.
  • the remote certificate is invalid according to the validation procedure. ]

in both the error counts 10 seconds and try again.

i followed the advanced guides as carefully as i can, sharing the folders and firewall configuration.

i tried to disable the requirement of a client SSL/TLS authentication to access the database and everything worked , but i do not know, it is strongly recommended to use the SSL/TLS authentication by the guide.

https://docs.thinkboxsoftware.com/products/deadline/10.0/1_User%20Manual/manual/install-db-repo.html

any help would be really appreciated.


#2

Hi Wes,

Are you planning on connecting to the cloud? if not it’s easier to set-up without the certificate, it maybe easier to re-install the Repo and DB without security.

If you have set up with the certificate you’ll need to point both client installs to the certificate file and use the password you used. If you don’t specify these then the client won’t launch.


#3

Hi Anthonygelatka,
Thanks for replying, i am not going for the cloud scenario, i did configured my setup without the certificate and everything went well (except for setting the clients as a service (windows10) with the proper user account).
Strangely while i was trying the certificate scenario i did pointed the files as you suggested but with no luck.
Anyway i have a working setup now.
Thanks again.


#4

It’s tricky for new users (suggestions welcome!). By default, the client certificate is locked down and does not allow reading so that users can’t copy it from a fresh install. You have to consciously change the permissions and copy it to machine that will need it. It does add complexity to the initial installation procedure.

From the docs:

Note: Once the certificates have been generated, the ‘Deadline10Client.pfx’ file will need to be securely moved to client machines that are expected to connect to this Repository directly; it will be needed at connection time. In addition, the user(s) running the client processes will need to be granted Read access to the file (the installer creates the file with restrictive permissions).
https://docs.thinkboxsoftware.com/products/deadline/10.0/1_User%20Manual/manual/install-db-repo.html#installing-a-new-mongodb-database


#5

Hi eamsler,
how please?


#6

A Link describing how to do this would be greatly appreciated.
Thanks.


#7

Ah, sorry I missed this during my early-morning pass of the forums.

It seems that the docs don’t have it available which is a bit of an oversight on our part. You can map the information on changing the Repository permissions onto changing those for the Deadline10client.pfx file:
https://docs.thinkboxsoftware.com/products/deadline/10.0/1_User%20Manual/manual/install-db-repo.html#id1

In my case, I’ve secured my client cert to two users on my machine but also the Administrators group:

You can decide who you’re comfortable allowing access to that file yourself. In general, anyone who can read the file can decrypt traffic between the client applications and the database.


#8

thanks Eamsler,
i really appreciate your help.


#9

I have the same error: " The configured Client Certificate (‘C:\DeadlineDatabase10\certs\Deadline10Client.pfx’) does not exist.

Deadline Slave will try to connect again in 10 seconds…

9 second(s) until this message closes." How to sort this now? I have followed step by step installation guide. In the license box, I have chosen the License free instead of standard. Is this could be an issue for the error above? Please help. I am really close to desperate now. it seems this deadline is cofigured specifically to confuse users instead of helping. Actually with the help of a real programmer it worked. There was a problem related to giving permissions as shown above to the Deadline pfx. Problem sorted. Only on Master machine. Slave machine still not working. I have copied and pasted the certificate as required to the slave machine. I have installed it then by double clicking on it and it was a success. But when the slave is trying to ignite the same error is running. Any professional help will be extremely welcomed. Btw on the slave machine I have installed only the clientinvalid%20binary%20connection Problem sorted after a new install


#10

Hello,
let me know if should we install the certificate on all local drive of workstations? or can we share one of the on all the workstations?