AnsweredAssumed Answered

unable to active vvol on vca 6.0 - certificate error

Question asked by Roland Kudelic on Feb 12, 2017
Latest reply on Feb 13, 2017 by Roland Kudelic

HI

 

I cannot activate storage provider for vvol on vca 6.0U2 with cs500 nos 3.6.1.0.

Error on VCA, the Certificate could not be added to truststore. Is there a problem with the certificate?

From Storage side, when I try to activate VASA Provider, it fails with Failed to register vasa provider.

On the storage is a wildcard certificate installed (*.ak-bs.ch) which is valid till march 2020.

 

when you run cert --list in ssh, array and group have one, no custom.

 

Nimble OS $ cert --list

Name        Subject

===================

array:      /C=US/ST=CA/L=San Jose/O=Nimble Storage/CN=AF-120751

group:      /C=US/ST=CA/L=San Jose/O=Nimble Storage/CN=nim012a01.ak0120.local

custom:     no certificate

 

 

custom-csr: /C=CH/ST=BS/L=Basel-Stadt/O=Ausgleichskasse Basel-Stadt/OU=IT/CN=nim012a01.ak-bs.ch

custom-ca:  (Pending) /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA

 

Use         Name

===================

HTTPS:      group

APIs:       group

Nimble OS $

 

So I issued a new certificate to the FQDN name of our Nimble "nim012a01.ak-bs.ch" and tried to import it, and then to set the custom cert for USE with HTTPS and APIs. But this didn't work. Got the error:

 

Nimble OS $ cert --import custom

Please enter certificate in PEM format followed by ^D:

-----BEGIN CERTIFICATE-----

ZWUjsQ44UtFEUkb/fJgt783AJrj8OkgfaYKYm5pzc2M=

...

...

-----END CERTIFICATE-----

ERROR: Verify custom cert failed: /nimble/var/private/config/current/group/certs//new.crt: C = CH, ST = Basel-Stadt, L = Basel, O = Ausgleichskasse Basel-Stadt, OU = IT, CN = nim012a01.ak-bs.ch

Nimble OS $

 

Any good idea or tipp?

 

Regards

Roland

Outcomes