Issue:
Windows agent tunnel binding fails on every attempt
Server log: IssueCertificate: certificate request verification failed (0 ms — fails at parse, not signature)
Agent log: certificate request failed (923)
Linux agents on same server bind successfully
NetXMS Server Info:
AlmaLinux 9.7
System OpenSSL 3.5.1
NetXMS server 6.1.1, build 6.1-452-gc20a8a4247
Self-signed CA, valid 2036
netxmsd.conf has TunnelCertificate, TunnelCertificateKey, InternalCACertificate, InternalCACertificateKey configured
Tested against:
Win 10 Pro 22H2 (19041) | Agent v6.1.1 | Fails with 923
Win 11 Home 24H2 (26200) | Agent v6.1.1 | Fails with 923
Win 11 Home 24H2 (26200) | Agent v5.2.8 | Fails with 923
AlmaLinux 9.7 | Agent v6.1.1 | Binds Successfully
Steps to Produce:
AlmaLinux 9.7 + OpenSSL 3.5.1 + NetXMS 6.1.1 server
Self-signed CA per standard tunnel setup
Install Windows agent, configure ServerConnection + TrustedRootCertificate
TLS handshake completes, tunnel appears Unbound
Right-click → Create node and bind → error 923
See attached logs from tests above.
Please advise if you need any further information. I have not tried on the latest 6.1.2, as there doesn't appear to be an direct fix for this issue.
Thanks,
Same happens on Ubuntu 26, created issue: https://github.com/netxms/netxms/issues/3250