VxRail：添加节点 NIC 配置错误： SSL地址：CERTIFICATE_VERIFY_FAILED

Summary: 添加节点在进行 NIC 配置时失败，并显示错误： SSL地址：CERTIFICATE_VERIFY_FAILED

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Check out other resources

Symptoms

在执行节点添加时，我们无法通过 NIC 配置页面。

错误日志：

22-04-28T05:33:31.194+0000 ERROR [pool-69-thread-1] com.vce.commons.domainowner.graphq.DefaultQueryExecutorImpl DefaultQueryExecutorImpl.filterOutErrorData:173 - Errors in do-host responsFQDN:9090 ssl:<gevent._ssl3.SSLContext object at 0x7f31e9481278> [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:
852)]","locations":[{"line":1,"column":1542,"sourceName":null}],"description":null,"validationErrorType":null,"queryPath":null,"errorType":null,"path":["configuredHosts","0","hardware","pos
ition","rackName"],"extensions":null}

卷曲检查：

vxrm # curl --capath /var/lib/vmware-marvin/trust/lin --user root -X GET -H "Content-Type: application/json" -d '{}' https://ServerName.site.lab:9090/rest/ps/private/v1/misc/certservice/certs
Enter host password for user 'root':
curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

Cause

ESXI 和 VXRM 之间的 SSL 握手失败。

Resolution

运行以下命令以验证证书问题。
使用下面的 VMware 文档检查和更新 ESXi 证书：

1.运行以下命令以测试 ESXi 主机连接，并捕获整个输出：

vxm: # openssl s_client -crl_check_all -CApath /var/lib/vmware-marvin/trust/lin/ -connect <esxi_fqdn>:443

2.运行以下命令以测试 ESXi 主机连接，并捕获整个输出：

vxm: # openssl s_client -crl_check -CApath /var/lib/vmware-marvin/trust/lin/ -connect <esxi_fqdn>:443

3.运行以下命令以测试 ESXi 主机连接，并捕获整个输出：

vxm: # openssl s_client -CApath /var/lib/vmware-marvin/trust/lin/ -connect <esxi_fqdn>:443

Example output:
Verify return code: 0 (ok)
Or,
Verify return code: 12 (CRL has expired)

查看 VMware 文档以续订和刷新 ESXi 证书：

续订和刷新 ESXi 证书 — 查看 VMware 文章续订或刷新 ESXi 证书
运行文章 VxRail：中的 cert_util.py 的最新版本：如何在 VxRail Manager 上手动导入 vCenter SSL 证书

Affected Products

VxRail, VxRail Software

Products

VxRail Software

Article Number: 000198975

Article Type: Solution

Last Modified: 05 Sept 2025

Version: 7

Check if your device is covered by Support Services.

VxRail：添加节点 NIC 配置错误： SSL地址：CERTIFICATE_VERIFY_FAILED

Summary: 添加节点在进行 NIC 配置时失败，并显示错误： SSL地址：CERTIFICATE_VERIFY_FAILED

Symptoms

Cause

Resolution

Affected Products

Products

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services

VxRail：添加节点 NIC 配置错误： SSL地址：CERTIFICATE_VERIFY_FAILED

Summary: 添加节点在进行 NIC 配置时失败，并显示错误： SSL地址：CERTIFICATE_VERIFY_FAILED

Detailed Article

Symptoms

Cause

Resolution

Affected Products

Symptoms

Cause

Resolution

Affected Products

Products

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services