Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000198975

Dell Technologies VxRail: Knooppunt NIC-configuratie SSL toevoegen: CERTIFICATE_VERIFY_FAILED

Summary: Dell Technologies VxRail: Knooppunt NIC-configuratie SSL toevoegen: CERTIFICATE_VERIFY_FAILED Waargenomen op versie 7.0.350.

This article may have been automatically translated. If you have any feedback regarding its quality, please let us know using the form at the bottom of this page.

Article Content

Symptoms

Tijdens het uitvoeren van een node-add kunnen we niet verder gaan dan de NIC-configuratiepagina.
VxRail versie 7.0.350.
 

Foutlogboek:

22-04-28T05:33:31.194+0000 ERROR [pool-69-thread-1] com.vce.commons.domainowner.graphq.DefaultQueryExecutorImpl DefaultQueryExecutorImpl.filterOutErrorData:173 - Errors in do-host responsFQDN:9090 ssl: [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:
852)]","locations":[{"line":1,"column":1542,"sourceName":null}],"description":null,"validationErrorType":null,"queryPath":null,"errorType":null,"path":["configuredHosts","0","hardware","pos
ition","rackName"],"extensions":null}


Curl-controle:

vxrm # curl --capath /var/lib/vmware-marvin/trust/lin --user root -X GET -H "Content-Type: application/json" -d '{}' https://ServerName.site.lab:9090/rest/ps/private/v1/misc/certservice/certs
Enter host password for user 'root':
curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

Cause

SSL Handshake tussen ESXI en VXRM mislukt.

 

 

Resolution

Voer de onderstaande opdrachten uit om het certificaatprobleem te verifiëren.
Controleer en werk de ESXi-certificaten bij met behulp van de VMware-documentatie hieronder:

1. Voer de onderstaande opdracht uit om de ESXi-hostverbinding te testen en de volledige uitvoer vast te leggen: 
vxm: # openssl s_client -crl_check_all -CApath /var/lib/vmware-marvin/trust/lin/ -connect :443

2. Voer de onderstaande opdracht uit om de ESXi-hostverbinding te testen en de volledige uitvoer vast te leggen: 
vxm: # openssl s_client -crl_check -CApath /var/lib/vmware-marvin/trust/lin/ -connect :443

3. Voer de onderstaande opdracht uit om de ESXi-hostverbinding te testen en de volledige uitvoer vast te leggen: 
vxm: # openssl s_client -CApath /var/lib/vmware-marvin/trust/lin/ -connect :443
Example output:
Verify return code: 0 (ok)
Or,
Verify return code: 12 (CRL has expired)


Controleer de VMware-documentatie om de ESXi-certificaten te vernieuwen en te vernieuwen:

- ESXi-certificaten vernieuwen en vernieuwen https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-ECFD1A29-0534-4118-B762-967A113D5CAA.html. Koppelingspictogram van derden
- Voer de nieuwste versie van cert_util.py uit in kb onder VxRail: Het vCenter SSL-certificaat handmatig importeren in VxRail Manager

 

Article Properties

Affected Product

VxRail, VxRail Appliance Family, VxRail Appliance Series

Last Published Date

19 May 2023

Version

4

Article Type

Solution

Back to Top