RecoverPoint for Virtual Machine: Log Collection Fails if a Custom Web Certificate is Used

Summary: Log collection fails if a Custom Web Certificate is used.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

Collecting logs using either the RecoverPoint or RecoverPoint for Virtual Machines (RP4VMs) Plugin or CLI, fails and the logs are not collected.

The following error message is received stating the RecoverPoint Appliance (RPA) has a different Secure Sockets Layer (SSL) Certificate:

Error: Cannot collect system information. RPA has different SSL certificate than that of the RPA cluster you are collecting from.

The following error is seen in the Server.log for the vRPA where the log collection was started:

XXXX-08-02 07:27:09,528 [ClientSizeEstimationWorker_connectivity_0xXXXXXXXXXXXXX-1] (ClientSizeEstimationWorker.java:53) ERROR - Caught exception: Error: Cannot collect system information. RPA has different SSL certificate than that of the RPA cluster you are collecting from com.sun.xml.ws.client.ClientTransportException: 
The server sent HTTP status code 401: Unauthorized at com.sun.xml.ws.transport.http.client.HttpTransportPipe.checkStatusCode(HttpTransportPipe.java:321) ~[?:2.2] 
at com.sun.xml.ws.transport.http.client.HttpTransportPipe.createResponsePacket(HttpTransportPipe.java:270) ~[?:2.2] at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:228) ~[?:2.2] 
at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:143) ~[?:2.2] 
at com.sun.xml.ws.transport.DeferredTransportPipe.processRequest(DeferredTransportPipe.java:139) ~[?:2.2] 
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:961) ~[?:2.2] 
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:910) ~[?:2.2] 
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873) ~[?:2.2] 
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775) ~[?:2.2] 
at com.sun.xml.ws.client.Stub.process(Stub.java:429) ~[?:2.2] 
at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:168) ~[?:2.2] 
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:119) ~[?:2.2] 
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:102) ~[?:2.2] 
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:151) ~[?:2.2] at com.sun.proxy.$Proxy202.estimateRPATarSizes(Unknown Source) ~[?:?] 
at com.kashya.installation.server.infocollect.ClientSizeEstimationWorker.execute(ClientSizeEstimationWorker.java:31) [com.kashya.recoverpoint.installation.server.jar:?] 
at com.kashya.installation.server.infocollect.ClientWorker.run(ClientWorker.java:164) [com.kashya.recoverpoint.installation.server.jar:?]

Cause

Log collection uses certificates to send commands and logs using the Installation servers, which fail to authenticate when a custom certificate is implemented.
Because of this communication issue, the log collection process fails to complete.

Resolution

Workaround:

Two separate workarounds exist for this situation.
  1. Use the default Web Certificate instead of a custom certificate. Applying this change closes the current session and the network services restarted:
    1. SSH to each vRPA in the impacted vRPA Cluster
    2. Go to the Certificate Management menu.

[2] Setup
[8] Advanced options
[2] Security options
[#] Certificates management > This menu option may be a different value depending on the version of RP4VMs.
[1] Keystore management
[2] Change web server certificate

  1. If a Custom Web Certificate is already in use, the CLI provides a prompt to restore the default Web Certificate
  1. Use the following procedure to collect logs manually from each vRPA using the root user account:
    1. Log in to the vRPA as root.
    2. Run the following command to initiate the log collection process. This command must be updated for each vRPA and vRPA Cluster:
/home/kos/kbox/src/installation/InfoCollect/CollectRPAInfo.pl RPA#.<Cluster_Name>
  • The RPA Number (#) and <Cluster_Name> must be updated and replaced for each use of this command to create unique and descriptive file names.
  • Cluster name can be obtained from the admin CLI or the Plugin.
  • Replace any blank spaces with an "_" in the filename. EX: Cluster 1 = Cluster_1
  1. Run the following command to copy files from /home/kos/rpa_info/ to /home/www/info/ for download from https://<RPA_IP>/info.
cp /home/kos/rpa_info/logs_* /home/www/info/


Resolution:

Dell Technologies engineering is investigating this issue. A permanent fix is still in progress. Contact the Dell Customer Support Center or your service representative for assistance and reference this solution ID.

Article Properties
Article Number: 000165402
Article Type: Solution
Last Modified: 12 Feb 2025
Version:  4
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.