VxRail:由于 ESXi 证书不受信任,vSAN 运行状况命令引发错误“CERTIFICATE_VERIFY_FAILED”
Summary: 由于 ESXi 证书不受信任,vSAN 运行状况命令引发错误CERTIFICATE_VERIFY_FAILED。
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
运行 VxVerify 时,我们可能会遇到如下严重消息:
VxRM | 0 Pass | Tests passed successfully DE3002xxxxxxxx|
| _cluster | 3 Crit 000066460 | vsh_object: Test error, see minion_hostname.log for details .|
| `` | 3 Crit 000066460 | vsh_cluster: Test error, see minion_hostname.log for details |
| vxrail-n-01 | 3 Crit 000066460 | vsh_util: Test error, see minion_hostname.log for details |
| `` | 3 Crit 000066460 | vsh_network: Test error, see minion_hostname.log for details |
| `` | 3 Crit 000066460 | vsh_disk: Test error, see minion_hostname.log for details |
| vxrail-n-02 | 3 Crit 000066460 | vsh_util: Test error, see minion_hostname.log for details |
| `` | 3 Crit 000066460 | vsh_network: Test error, see minion_hostname.log for details |
| `` | 3 Crit 000066460 | vsh_disk: Test error, see minion_hostname.log for details |
| vxrail-n-03 | 3 Crit 000066460 | vsh_util: Test error, see minion_hostname.log for details |
| `` | 3 Crit 000066460 | vsh_network: Test error, see minion_hostname.log for details |
| `` | 3 Crit 000066460 | vsh_disk: Test error, see minion_hostname.log for details |
| vxrail-n-04 | 3 Crit 000066460 | vsh_util: Test error, see minion_hostname.log for details |
| `` | 3 Crit 000066460 | vsh_network: Test error, see minion_hostname.log for details |
| `` | 3 Crit 000066460 | vsh_disk: Test error, see minion_hostname.log for details |
运行时 localcli vsan health cluster list 在主机上,我们看到如下错误:
ERROR:root:Failed to test vsan vmodl version with error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:728) on localhost
WARNING:root:Retry retrieving vsan vmodl version, 0
ERROR:root:Failed to test vsan vmodl version with error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:728) on localhost
WARNING:root:Retry retrieving vsan vmodl version, 1
ERROR:root:Failed to test vsan vmodl version with error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:728) on localhost
WARNING:root:Retry retrieving vsan vmodl version, 2
ERROR:root:Failed to test vsan vmodl version with error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:728) on localhost
WARNING:root:Retry retrieving vsan vmodl version
vCenter Server Appliance 也可能弹出警报 "vSphere vCenter Certificate Management Mode"
Cause
vSAN 运行状况命令失败,因为群集中 ESXi 主机上的证书不受信任。
Resolution
要解决此问题:
- 将中间证书和根证书导出到磁盘,并将其复制到群集中的每个 ESXi 主机。
- 使用通过 CLI 在 ESXi 主机上添加自定义证书中详细介绍的命令,将它们添加到 ESXi 信任库。
- 完成此作后,请重新启动每个主机上的服务,以确保更改未导致任何其他服务出现任何问题。
- 完成此作后,您应成功运行
localcli失败的命令 (localcli vsan health cluster list),并且您还应该能够验证 VxRail VxVerify 中曾经失败的预检查现在是否正在完成,没有错误。
Affected Products
VxRail, VMWare Cloud on Dell EMC VxRail E560F, VMWare Cloud on Dell EMC VxRail E560N, VxRail Appliance Family, VxRail Appliance Series, VxRail G Series Nodes, VxRail D Series Nodes, VxRail D560, VxRail D560F, VxRail E Series Nodes, VxRail E460
, VxRail E560, VxRail E560F, VxRail E560N, VxRail E660, VxRail E660F, VxRail E660N, VxRail E665, VxRail E665F, VxRail E665N, VxRail G560, VxRail G560F, VxRail P Series Nodes, VxRail P470, VxRail P570, VxRail P570 VCF, VxRail P570F, VxRail P570F VCF, VxRail P580N, VxRail P580N VCF, VxRail P670F, VxRail P670N, VxRail P675F, VxRail P675N, VxRail S Series Nodes, VxRail S470, VxRail S570, VxRail S670, VxRail Software, VxRail V470, VxRail V570, VxRail V570 VCF, VxRail V570F, VXRAIL V670F, VxRail VD-4510C, VxRail VD-4520C, VxRail VD Series Nodes, VxRail VE-660, VxRail VE-6615, VxRail VP-760, VxRail VP-7625, VxRail VS-760
...
Article Properties
Article Number: 000185050
Article Type: Solution
Last Modified: 25 Sept 2025
Version: 4
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.