Hi guys,
can anyone of you confirm that the vcenter certificate verfication in appvol manager get lost again after few days?
We have the vmware self-signed certificate on our vcenter server. We also accept this certificate in appvolumes 2.12.1 with click on accept (machine managers).
After that I can see the message: "Certificate: Using administrator trusted certificate"
If I check this setting after few days its again lost and I have to accept the certificate again. It's doesn't impact the appvol functionality, but I will create a lot of log entries.....
Validating SSL certificate for "VCA.domain.local": Rejected because certificate is neither verified nor trusted
Failed to connect to vSphere at "domain\srvappvol@VCA.domain.local": SSL_connect returned=1 errno=0 state=error: certificate verify failed
Regards,
VM-Master
New
.Yes we have the exact same issue, it's a known issue for as far as I'm aware. Just make sure to raise a ticket with VMware, they are aware.
I reconized that this happens after rebooting the vcenter server.
Why are these "known issues" are not public documented?
Indeed restarting the Vcenter triggers it. Strange thing is that we, at first sight, could not reproduce it on our acceptance environment.
The current workaround for this is:
Steps:
1:- set env variable AVM_DISABLE_VCENTER_SSL_VALIDATION with value 1 on Management servers
2:- restart the manager service.
Hi techguy129,
can you please describe how to set this value on the appvolumes managers?
I open a command prompt and typed in....
"set env variable AVM_DISABLE_VCENTER_SSL_VALIDATION=1"
Is there an option to check this setting?
New
.Had same issue.. this is even more fun when running multiple vCenters under the same SSO...
Then you get the intermediate cert presented instead of the vCenter certs. Causing duplicate cert entry in the database.
This even causes that only one vCenter will work and the others will fail to even mount App Stacks.
Thankfully this quick bypass solves it and will be patched in 2.13
Thanks a lot techguy129! This seems to solve the issue.
I just heard from VMware that this is indeed a know bug.
A hot patch is available, but needs to be requested separately from VMware Global Support.
The issue will be resolved in a future version of App Volumes
If it is the 2.12.3.11 hotfix no need to ask for it. We tested it on our managers but still see this specific error message popping up.
We are now running 2.12.3.11 agent (which works quite well just not with all 2.9 appstacks) and 2.12.1.103 manager. For me it seems to be the most stable and quickest combination until now. And believe me I have seen a few .
This issue has been addressed and deploying the most recent version of App Volumes would provide a more secure option.
Jeff Ulatoski
Senior Product Manager, App Volumes