Agent - Retry when unable to locate CCM certificate

[mkevenaar]

What You Are Seeing?

Chocolatey Agent, for some reason, being unable to connect to CCM at startup. This could be, for example, due to network connection issues, CCM currently down for maintenance or the end-user currently having it's laptop on a different network without his VPN connection up. It does not try to reconnect to the CCM endpoint and just sits and waits until you restart the service.

What is Expected?

Chocolatey Agent to reconnect to the CCM server every X seconds (e.g. 3600 seconds by default)

How Did You Get This To Happen? (Steps to Reproduce)

• Configure a CCM environment as usual, make sure your agent is able to connect to CCM
• Stop the CCM service.
• Restart agent

To make things work once the CCM service is available, a restart of the agent is enough.

Output Log

2020-02-26 05:08:04,905 6 [INFO ] - StartupTask is sending StartupMessage...
2020-02-26 05:08:04,953 6 [INFO ] - InstallServerCertificateTask is responding to StartupMessage...
2020-02-26 05:08:04,969 6 [INFO ] - Attempting installation of Server Certificate from https://my.ccm.server.address:24020/ChocolateyManagementService
2020-02-26 05:08:47,883 6 [ERROR] -
Unable to locate CCM Server Certificate.  There are a number of reasons
 that this can occur.  Please ensure that the current value for the
 centralManagementServiceUrl is correct, including the port number that
 the CCM Service was configured to use.  This can be verified using the
 choco config command.  For more information, please see
 https://chocolatey.org/docs/features-chocolatey-central-management.
2020-02-26 05:08:47,898 6 [ERROR] - Unable to connect to the remote server
2020-02-26 05:08:47,913 6 [INFO ] - MonitorConfigFileTask is responding to StartupMessage...
2020-02-26 05:08:47,929 6 [INFO ] - Configuring FileSystemWatcher to monitor: C:\ProgramData\chocolatey\config\chocolatey.config
2020-03-06 20:10:02,477 38 [INFO ] - Stopping Chocolatey service.
2020-03-06 20:10:02,586 38 [INFO ] - Performing Shutdown operations for 'chocolatey-agent'.
2020-03-06 20:10:02,602 38 [INFO ] - Chocolatey service has shut down.
2020-03-06 20:10:05,023 1 [INFO ] - ================================
2020-03-06 20:10:05,086 1 [INFO ] - Performing bootstrapping operations for 'chocolatey-agent'.
2020-03-06 20:10:07,508 6 [INFO ] - Starting chocolatey-agent (v0.9.2) service.

Agent Settings

C:\Windows\system32> choco config | Select-String "centralMan"

centralManagementReportPackagesTimerIntervalInSeconds = 1800 | Amount of time, in seconds, between each execution of the background service to report installed and outdated packages to Chocolatey Central Management.  Available in business editions v2.0.0+ only.
centralManagementServiceUrl = https://my.ccm.server.address:24020/ChocolateyManagementService | The URL that should be used to communicate with Chocolatey Central Management. It should look something like https://servicemachineFQDN:24020/ChocolateyCentralManagement.
  Seehttps://chocolatey.org/docs/features-chocolatey-central-management#fqdn-usage.  Available in business editions v2.0.0+ only.
centralManagementReceiveTimeoutInSeconds = 30 | The amount of time, in seconds, that the background agent should wait to receive information from Chocolatey Central Management.  Available in business editions v2.0.0+ only.
centralManagementSendTimeoutInSeconds = 30 | The amount of time, in seconds, that the background agent should wait to send information to Chocolatey Central Management.  Available in business editions v2.0.0+ only.
centralManagementCertificateValidationMode = PeerOrChainTrust | The certificate mode that is used in communication to Chocolatey Central Management.  Available in business editions v2.0.0+ only.
centralManagementMaxReceiveMessageSizeInBytes = 2147483647 | The size of the permitted message, in bytes, which can be exchanged between the Chocolatey Background Agent and Chocolatey Central Management.  Available in business editions v2.0.3+ only.
[x] useChocolateyCentralManagement - Use Chocolatey Central Management - Lists of installed and outdated packages will be reported to the chosen Chocolatey Central Management server.  Business editions only (version 2.0.0+). See https://chocolatey.org/docs/features-choc
olatey-central-management

REFERENCES

• Zendesk
• Internal Ticket - @steviecoaster to provide

[ferventcoder]

Hi @mkevenaar - have you filed a support ticket to go along with this? I want to ensure we capture this and prioritize it properly, so if we can get that from you, that would be great.

[mkevenaar]

@ferventcoder @steviecoaster asked me to create a ticket here. Ticket no 6186

[ferventcoder]

Okay perfect. Just need a link to that up in the issue request. Use the web interface to grab that link.

[ferventcoder]

@steviecoaster please create the internal issue for this at https://gitlab.com/chocolatey under the chocolatey-licensed-services repo.

[mkevenaar]

@ferventcoder I have updated the initial request.

[blotz79]

+1 We have exactly the described situation. Users working only on notebooks. Sometimes people switch on the notebook get theirself a coffee an then connect to VPN. In this case the Timeout of the agent is reached and the service stopped. When trying to deploy something, the users have to restart the notebook, cause they are not allowed to restart the service. Otherwise someone from the support has to connect to the notebook and restart the service.