Skip to main content
Start a Conversation

This post is more than 5 years old

Solved!

Go to Solution

VivekSarmalkar1

23 Posts

11649

February 1st, 2015 07:00

avamar virtual appliance ssl error

Getting error given below. how to resolve it or skip ssl if not signed by CA.

avvcbimage Warning <16004>: Soap fault detected, Connection problem with WS ticket, Msg:'SOAP 1.1 fault: SOAP-ENV:Client [no subcode]

"SSL_ERROR_SSL

error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed"

Detail: SSL_connect error in tcp_connect()

avvcbimage Warning <0000>: [IMG0014] Problem logging into URL 'https://vcenter:443/sdk' with session cookie.

avvcbimage Info <16021>: Logging into URL 'https://vcenter:443/sdk' with user 'administrator' credentials.

avvcbimage Warning <16004>: Soap fault detected, Connection problem, Msg:'SOAP 1.1 fault: SOAP-ENV:Client [no subcode]

"SSL_ERROR_SSL

error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed"

VivekSarmalkar1

23 Posts

June 30th, 2015 12:00

Disable certification verification in avamar for vcenter & perform below steps:

Unencrypted Backups & Replication Fail in Avamar 7.1 Due to Increased Firewall Restrictions

Add a gsan-port file to allow port 27000 usage

For any new installation of 7.1 GA the gsan-port file will be missing from -"/usr/local/avamar/lib/admin/security/gsan-port"

Login to the Avamar utiltiy node as root and load the dpnid keys per KB 95614.

Verify this file is absent:

ls -l /usr/local/avamar/lib/admin/security/

Create the gsan-port file using vi (or equivalent).

vi /usr/local/avamar/lib/admin/security/gsan-port

On the first line insert:

GSAN_PLAIN_TEXT='27000,'

Save the close the file.

If on a multi-node grid copy the file to the data nodes.  If a Single Node skip to Step 6.

mapall --user=root copy /usr/local/avamar/lib/admin/security/gsan-port

Once copied move the file to the correct directory.

mapall --user=root mv gsan-port /usr/local/avamar/lib/admin/security/

Restart the avfirewall services.

mapall --noerror --all+ --user=root 'service avfirewall restart'

Confirm no further issues exist by running telnet from utility node to one of the Avamar Data Nodes.

Note: Alternatively, running an unencrypted client backup to confirm it is successful.

          telnet 27000


Ref:https://community.emc.com/docs/DOC-42141

leckdog34

2 Posts

March 27th, 2015 07:00

I am having the same issue with the Avamar proxy virtual appliance. If I leave the default EMC certificate, VM backups work correctly. I have tried setting the certificate to the vCenter CRT and PEM files, same error as above.

I have tickets open with EMC and VMware on this issue but no resolution yet. I am curious if you were able to get this working?

Thanks

VivekSarmalkar1

23 Posts

April 1st, 2015 01:00

Not able to perform with EMC certificate? Any one resolved it?

leckdog34

2 Posts

April 1st, 2015 05:00

No resolution yet. Working with VMware and EMC still. We have strict policies on security due to being in the healthcare industry, so getting our own SSL to work is mandatory. I will post a resolution when we get there!

Ram8985

1 Message

October 17th, 2019 01:00

avvcbimage Error <0000>: [IMG0014] Problem logging into URL 'https://Avamar grid:443/sdk' with user 'EMEA\S-ESX-EMC-VC-AVAMAR'

View More

View All

No Events found!

Top