01-29-2018 05:33 AM - edited 01-29-2018 05:34 AM
Hello All,
Netbackup Appliance 5240 on 3.0 and upgraded to 3.1, AIR setup is not working. We have tried deleting & recreating token, deleting certificates and recreating it. Any help will be much appreciated.
Only error while creating trust is Error 41: Network timed out while the network is all perfect, sas utility output is OK.
bptestbpcd fails with below error, what should I do to fix ?
bptestbpcd -verbose -host <second master server>
<16>bptestbpcd main: Function ConnectToBPCD(second master server) failed: 7641
<16>bptestbpcd main: Failed to find a common CA Root for secure handshake
<16>bptestbpcd main: Failed to find a common CA Root to complete secure handshake: Connector CAs(["28d03521-5981-41e7-89f1-35fac719c481"]), Acceptor CAs(["09bfd19b-b6f1-4f73-b2d8-3173d46d30d2"]).: 7641
[PROXY] Encountered error (CERT_PROTOCOL_SELECT_COMMON_CA_ROOT) while processing(CertProtocol).: 4
Failed to find a common CA Root for secure handshake
Solved! Go to Solution.
08-12-2018 11:56 PM
To resolve this no common root CA cert issue, you need to run this command locally on source and target replication master servers. This is due to new security checks from 8.1
nbseccmd -setuptrustedmaster -update -masterserver localmaster -remotemasterserver remotemaster -domainname domain.grp -username <user with admin priviledges on the remote master>
Password:<enter password>
Expected output:
CA certificate stored successfully from server remotemaster.
Host certificate received successfully from server remotemaster.
Trusted master operation successful
01-29-2018 05:39 AM
I have tried the below technote as well, still the problem remains as is:
https://www.veritas.com/support/en_US/article.100039733.html
03-05-2018 03:21 PM - edited 03-05-2018 03:21 PM
on the source and target AIR masters what does this command return
nbcertcmd -getCACertificate -server (master server name)
08-12-2018 11:56 PM
To resolve this no common root CA cert issue, you need to run this command locally on source and target replication master servers. This is due to new security checks from 8.1
nbseccmd -setuptrustedmaster -update -masterserver localmaster -remotemasterserver remotemaster -domainname domain.grp -username <user with admin priviledges on the remote master>
Password:<enter password>
Expected output:
CA certificate stored successfully from server remotemaster.
Host certificate received successfully from server remotemaster.
Trusted master operation successful
08-13-2018 04:32 AM
Hopefully @dipendra will tell us if any progress was made over the last couple of months.