Data Domain：在某些較新的 DD 作業系統版本中，從 DD CLI 建立複寫內容時可能會回報 CA 憑證錯誤

SE@ddve01## replication add source mtree://ddve01.lab/data/col1/test_boost_11 destination mtree://ddve02.lab/data/col1/test_boost_11

**** Error getting CA certificate for ddve01.lab (**** Error communicating with host ddve01.lab: could not resolve host.).

11/26 10:54:54.980028 [7f9eb99013e0] CURL error: curl_easy_perform() returned 6 [Could not resolve: ddve01.lab (Domain name not found)]
11/26 10:54:54.980091 [7f9eb99013e0] sms_trust_get_cert_targeted_do:(ddr/sm/sms/gen/ddr/sms_trust_data.c:527): **** Error communicating with host ddve01.lab: could not resolve host.
11/26 10:54:55.032059 [7f9eb99013e0] completed job: 24337 for operation: sms_replication_add, duration: 62 msec, status: **** Error getting CA certificate for ddve01.lab (**** Error communicating with host ddve01.lab: could not resolve host.).

SE@oscarddve01## replication add source mtree://ddve01.lab/data/col1/test_boost_11 destination mtree://ddve02.lab/data/col1/test_boost_11

**** Error getting CA certificate for ddve02.lab (**** Error communicating with host ddve02.lab: could not resolve host.).

11/26 10:59:10.332885 [7f9eb9904a20] CURL error: curl_easy_perform() returned 6 [Could not resolve: ddve02.lab (Domain name not found)]
11/26 10:59:10.332935 [7f9eb9904a20] sms_trust_get_cert_targeted_do:(ddr/sm/sms/gen/ddr/sms_trust_data.c:527): **** Error communicating with host ddve02.lab: could not resolve host.
11/26 10:59:10.372900 [7f9eb9904a20] completed job: 24398 for operation: sms_replication_add, duration: 97 msec, status: **** Error getting CA certificate for ddve02.lab (**** Error communicating with host ddve02.lab: could not resolve host.).

SE@oscarddve01## replication add source mtree://ddve01.lab/data/col1/test_boost_11 destination mtree://ddve02.lab/data/col1/test_boost_11

**** Error getting CA certificate for ddve02.lab (**** Error communicating with host ddve02.lab: the operation timed out.).

11/26 11:33:23.403681 [1254ec80] CURL error: curl_easy_perform() returned 28 [Connection timed out after 30001 milliseconds]
11/26 11:33:23.403927 [1254ec80] sms_trust_get_cert_targeted_do:(ddr/sm/sms/gen/ddr/sms_trust_data.c:527): **** Error communicating with host ddve02.lab: the operation timed out.
11/26 11:33:23.474988 [1254ec80] completed job: 24741 for operation: sms_replication_add, duration: 30122 msec, status: **** Error getting CA certificate for ddve02.lab (**** Error communicating with host ddve02.lab: the operation timed out.).

解析度：
檢查環境的相容性後，將 DD OS 版本升級至 7.7.5.20 或更新版本、7.10.1.10 或更新版本，或 7.12 或更新版本。

解決 方案：
請確定來源和目的地 Data Domain 皆可透過 DNS 或主機名稱本機解析度解決合作夥伴 Data Domain 主機名稱和自己的主機名稱 （使用 # net 查詢命令） （手動新增）。

每個 Data Domain 應有 兩 個主項目目，一個屬於其主機名稱的專案，以及一個用於複寫合作夥伴的專案。

使用命令檢查主機對應： 

# net hosts show
# net hosts add <target IP> <target FQDN> <target hostname>

範例： 

# net hosts add 192.168.3.3 bkup20.yourcompany.com bkup20

請確定來源和目的地 Data Domain 都可透過 tcp 埠 3009 連線至遠端對等 Data Domain，因為這是用來取得遠端對等 CA 憑證的埠。您使用命令檢查 SE 模式：

# se telnet <IP> 3009

或者，如果 Data Domains 之間無法開啟埠 3009，且長時間無法升級 DD OS 版本，請聯絡您的支援小組以協助設定複寫。