Verification of X.509 certificate failed when connecting to the bpjava msvc service on
Hi all,
I have installed Virtual Netbackup Appliance into Vmware Workstation in ESXi host. The installation was completed successfully and I am able to get to CLI interface of the Netbackup appliance.
However, it is not possible to get into Java GUI. When I am trying to login I get this error: Verification of X.509 certificate failed when connecting to the bpjava msvc service on
Is there any workaround for this?
Any help much appreciated!
Below, I am adding some log outputs:
Adding CA certificate to the truststore.
CA certificate is successfully added to the truststore.
vrts.vss.sdk.at.exception.VRTSAtException: Unexpected VxAT Error
at vrts.vss.sdk.at.lib.core.Authenticator.atSecConnConnectEx(Native Method)
at vrts.vss.sdk.at.lib.core.Authenticator.vrtsAtSecConnConnectEx(Authenticator.java:3698)
at vrts.vss.sdk.at.lib.core.Authenticator.vrtsAtSecConnConnectEx(Authenticator.java:3649)
at vrts.shared.server.VxATSocket.sslConnect(VxATSocket.java:749)
at vrts.shared.server.ServerInterface.secureConnect(ServerInterface.java:1636)
at vrts.shared.server.ServerInterface.connectToServiceViaVNETD(ServerInterface.java:1933)
at vrts.shared.server.ServerInterface.executeRun(ServerInterface.java:4098)
at vrts.shared.server.ServerInterface.run(ServerInterface.java:3075)
CertificateAuthenticationException encountered, Verification of X.509 certificate failed when connecting to the bpjava msvc service on nb-appliance.
[10/27/21 11:47:10 AM CEST {1635328030269}] [-1] [Session] abort: closing all bpjava-sessions
[10/27/21 11:47:10 AM CEST {1635328030269}] [-1] [Session] nothing to deinitialize
Log from nb-appliance:/log/openv/nbatd
0,51216,18,18,29,1635326337399,18597,139989181687616,0:,137:ACE_SSL (18583|139989181687616) error code: 336105606 - error:14089086:SSL routines:ssl3_get_client_certificate:certificate verify failed,9:debugmsgs,1
0,51216,18,18,30,1635326337400,18597,139989181687616,0:,119:ACE_SSL (18583|139989181687616) error code: 336462231 - error:140E0197:SSL routines:SSL_shutdown:shutdown while in init,9:debugmsgs,1
0,51216,18,18,1,1635327338124,35291,140643880494912,0:,37:(server.cpp:1516) At Init successful.,9:debugmsgs,1
0,51216,18,18,2,1635327338125,35305,140643880494912,0:,62:(server.cpp:1549) Initialized local configuration successfully,9:debugmsgs,1
0,51216,18,18,3,1635327338174,35305,140643880494912,0:,48:server.cpp:1574) *** Broker Not In FIPS mode ***,9:debugmsgs,1
0,51216,18,18,4,1635327338174,35305,140643880494912,0:,68:(server.cpp:1152) Detailed broker log would be available in UL file ,9:debugmsgs,1
0,51216,18,18,5,1635327338175,35305,140643880494912,0:,79:(server.cpp:366) SetDebugLevelForUL::ProductID:51216, OriginID:18, DebugLevel:1,9:debugmsgs,1
0,51216,18,18,6,1635327338237,35305,140643880494912,0:,36:(server.cpp:1605) Loaded all plugins,9:debugmsgs,1
0,51216,18,18,7,1635327338251,35305,140643880494912,0:,125:(../registry/atregistry.cpp:616) AtRegistry<LOCK>::OpenSection failed. sub_section = root@nb-appliance, fCreate 0, Errno = -1,9:debugmsgs,1
0,51216,18,18,8,1635327338386,35305,140643880494912,0:,39:(brokersetup.cpp:128) TLS key generated,9:debugmsgs,1
0,51216,18,18,9,1635327338387,35305,140643880494912,0:,40:(brokersetup.cpp:142) TLS cert generated,9:debugmsgs,1
0,51216,18,18,10,1635327338387,35305,140643880494912,0:,63:(brokersetup.cpp:155) ACE_SSL_Context set with TLS cert and key,9:debugmsgs,1
0,51216,18,18,11,1635327338387,35305,140643880494912,0:,69:(brokersetup.cpp:169) broker cert added in ACE_SSL_Context cert chain,9:debugmsgs,1
0,51216,18,18,12,1635327338387,35305,140643880494912,0:,65:(brokersetup.cpp:189) RB cert added in ACE_SSL_Context cert chain,9:debugmsgs,1
0,51216,18,18,13,1635327338392,35305,140643880494912,0:,54:(server.cpp:1800) Broker discovery using mDNS disabled,9:debugmsgs,1
0,51216,18,18,14,1635327338393,35305,140643880494912,0:,75:(brokersetup.cpp:1085) Automatic broker credential renewal flag is enabled.,9:debugmsgs,1
0,51216,18,18,15,1635327338393,35305,140643880494912,0:,75:(brokersetup.cpp:1086) Broker credential would be renewed before its expiry,9:debugmsgs,1
0,51216,18,18,16,1635327338394,35305,140643880494912,0:,121:(server.cpp:934) Error! Check if a different instance of this program or another program is already running on port 13783,9:debugmsgs,1
0,51216,18,18,17,1635327338395,35305,140643880494912,0:,42:(server.cpp:1831) Broker Raised Exception!,9:debugmsgs,1
0,51216,18,18,18,1635327338395,35305,140643880494912,0:,81:(broker_excep.cpp:133) Error: -1 - Failed to open the acceptor in server.cpp(935),9:debugmsgs,1
0,51216,18,18,19,1635327338397,35305,140643880494912,0:,42:(server.cpp:1863) Broker shutdown complete,9:debugmsgs,1
0,51216,18,18,31,1635327970589,18597,139989105186560,0:,73:(client_handler.cpp:150) New thread spawned to handle the client request.,9:debugmsgs,1
0,51216,18,18,32,1635327976251,18597,139989105186560,0:,48:(msgtransport.cpp:92) Cannot read version number,9:debugmsgs,1
0,51216,18,18,33,1635327976256,18597,139989105186560,0:,73:(client_handler.cpp:158) Finished handling client request.Thread exiting.,9:debugmsgs,1
0,51216,18,18,34,1635328021168,18597,139989105186560,0:,73:(client_handler.cpp:150) New thread spawned to handle the client request.,9:debugmsgs,1
0,51216,18,18,35,1635328021214,18597,139989105186560,0:,71:(client_handler.cpp:1041) Got certificate request command from the peer,9:debugmsgs,1
0,51216,18,18,36,1635328021260,18597,139989105186560,0:,48:(msgtransport.cpp:92) Cannot read version number,9:debugmsgs,1
0,51216,18,18,37,1635328021262,18597,139989105186560,0:,73:(client_handler.cpp:158) Finished handling client request.Thread exiting.,9:debugmsgs,1
0,51216,18,18,38,1635328021292,18597,139989105186560,0:,73:(client_handler.cpp:150) New thread spawned to handle the client request.,9:debugmsgs,1
0,51216,18,18,39,1635328021480,18597,139989105186560,0:,48:(msgtransport.cpp:92) Cannot read version number,9:debugmsgs,1
0,51216,18,18,40,1635328021480,18597,139989105186560,0:,73:(client_handler.cpp:158) Finished handling client request.Thread exiting.,9:debugmsgs,1
Hi JimmyB2
Which OVF did you deploy? When you say installation has completed - what do you mean, has the OVF deployed successfully, or have you finished the configuration of the virtual appliance and configured the NetBackup role.
Basic steps required:
- Deploy OVF
- Configure network settings and hostname (requires hostname lookup to be working, and the IP needs to be configured on eth1, not eth0)
- Configure role
Being able to reach the CLI just means the virtual appliance is running.
David