BugZero | Dell BugID 198975 - Dell Technologies VxRail: Node add NIC configurati...

Dell - Defect ID: 198975

Dell Technologies VxRail: Node add NIC configuration SSL: CERTIFICATE_VERIFY_FAILED

Dell - Defect ID: 198975

Dell Technologies VxRail: Node add NIC configuration SSL: CERTIFICATE_VERIFY_FAILED

Last updated on 2/26/2025

Overall: 0N/A

Severity: 0N/A

Community: 0N/A

Lifecycle: 0N/A

What is the BugZero Risk Score?

Vendor details

Support Case Count: 149
Article View Count: 6087
Impact Category:

Overall: 0N/A

Severity: 0N/A

Community: 0N/A

Lifecycle: 0N/A

What is the BugZero Risk Score?

Vendor details

Support Case Count: 149
Article View Count: 6087
Impact Category:

Symptoms

While performing a Node Add, we are unable to go pass the NIC Configuration Page.VxRail Version 7.0.350Error log: 22-04-28T05:33:31.194+0000 ERROR [pool-69-thread-1] com.vce.commons.domainowner.graphq.DefaultQueryExecutorImpl DefaultQueryExecutorImpl.filterOutErrorData:173 - Errors in do-host responsFQDN:9090 ssl: [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c: 852)]","locations":[{"line":1,"column":1542,"sourceName":null}],"description":null,"validationErrorType":null,"queryPath":null,"errorType":null,"path":["configuredHosts","0","hardware","pos ition","rackName"],"extensions":null} Curl check: vxrm # curl --capath /var/lib/vmware-marvin/trust/lin --user root -X GET -H "Content-Type: application/json" -d '{}' https://ServerName.site.lab:9090/rest/ps/private/v1/misc/certservice/certs Enter host password for user 'root': curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

Cause

SSL Handshake between ESXI and VXRM fails.

Resolution

Run the below commands to verify the certificate issue.Check and update the ESXi certificates using the VMware documentation below:1. Run the below command to test the ESXi host connection, and capture the entire output: vxm: # openssl s_client -crl_check_all -CApath /var/lib/vmware-marvin/trust/lin/ -connect :443 2. Run the below command to test the ESXi host connection, and capture the entire output: vxm: # openssl s_client -crl_check -CApath /var/lib/vmware-marvin/trust/lin/ -connect :443 3. Run the below command to test the ESXi host connection, and capture the entire output: vxm: # openssl s_client -CApath /var/lib/vmware-marvin/trust/lin/ -connect :443 Example output: Verify return code: 0 (ok) Or, Verify return code: 12 (CRL has expired) Review the VMware documentation to renew and refresh the ESXi certificates: Renew and Refresh ESXi Certificates - View VMware article Renew or Refresh ESXi Certificates Run the newest version of cert_util.py in article VxRail: How to manually import vCenter SSL certificate on VxRail Manager

Support Cases

Original Vendor Announcement

No bugs this month

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

Dell - Defect ID: 198975

Dell Technologies VxRail: Node add NIC configuration SSL: CERTIFICATE_VERIFY_FAILED

Dell - Defect ID: 198975

Dell Technologies VxRail: Node add NIC configuration SSL: CERTIFICATE_VERIFY_FAILED

Last updated on 2/26/2025

Vendor details

Vendor details

Description

Symptoms

Cause

Resolution

Support Cases

Links

Top Dell defects by risk score

Ready to prevent the next vendor outage?