OPERATIONAL DEFECT DATABASE
...
...
You're running NSX federationYou're attempting to either onboard a site.You observe error similar to the below on the UI You observe the following entries in the Global Manager under /var/log/gmanager/gmanager.log ...yyyy-mm-ddThh:mm:ss <gloabl-manager-fqdn> NSX 12556 SYSTEM [nsx@6876 comp="global-manager" errorCode="MP100" level="ERROR" subcomp="global-manager"] I/O error on GET request for "https://<nsx-magaer-ip>/api/v1/cluster/backups/overview": readHandshakeRecord; nested exception is javax.net.ssl.SSLException: readHandshakeRecord...yyyy-mm-ddThh:mm:ss <gloabl-manager-fqdn> NSX 12556 SYSTEM [nsx@6876 comp="global-manager" errorCode="MP100" level="ERROR" subcomp="global-manager"] I/O error on GET request for "https://<nsx-magaer-ip>/api/v1/cluster/backups/overview": Connection reset; nested exception is javax.net.ssl.SSLException: Connection reset... You have expiring certificates in one or more of the onboarded federation sites which can be verified either from the NSX UI via System > Settings > Certificates or if you observe the following entry under /var/log/proton/nsxapi.log <date-time-02> ERROR http-nio-127.0.0.1-7440-exec-15 CertificateUtil 4265 SYSTEM [nsx@6876 comp="nsx-manager" errorCode="MP2002" level="ERROR" reqId="<uuid>" subcomp="manager" username="admin"] Certificate expired, current date should not be after <date-time-01>Where <date-time-02> is after <date-time-01>
Onboarding of a site requires synchronization with the rest of the sites, the synchronization would fail if there are any expired certificates in the environment. Note, it is important to check on all Local Managers and all Global manager for expired certificates.
Please make sure that all the certificates in the federation setup are valid to avoid this issue. If you have expired certificates please follow the document Replace Certificates to keep the certificates up to date.
Click on a version to see all relevant bugs
VMware Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
