cancel
Showing results forΒ 
Search instead forΒ 
Did you mean:Β 

Netbackup could not initiate a trust relationship with host

diegomauricior
Level 3

ello,

I have a problem whe i try to log on into the admin GUI,

I used to run the command /usr/openv/netbackup/bin/jnbSA $ from the masterserver exporting the display using Xming and the java application started witout problem, however today when I try to login, I can't do it.

The applications shows this message: "NetBackup could not initiate a trust relationship with host hostname. Ensure that your Domain Name Service (DNS) resolves the hostname to the correct IP address and check network connectivity".

When i see the log of the applications it shows the following messages:

DISPLAY environment variable is set to: localhost:11.0
Console was started on:
        Linux srvbackup 3.10.0-123.el7.x86_64 #1 SMP Mon May 5 11:16:57 EDT 2014 x86_64 x86_64 x86_64 GNU/Linux

Command line options were:
        /usr/openv/netbackup/bin/jnbSA $

Starting administration console version 7.6.1.

LANG=en_US.UTF-8
LC_CTYPE="en_US.UTF-8"
LC_NUMERIC="en_US.UTF-8"
LC_TIME="en_US.UTF-8"
LC_COLLATE="en_US.UTF-8"
LC_MONETARY="en_US.UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_PAPER="en_US.UTF-8"
LC_NAME="en_US.UTF-8"
LC_ADDRESS="en_US.UTF-8"
LC_TELEPHONE="en_US.UTF-8"
LC_MEASUREMENT="en_US.UTF-8"
LC_IDENTIFICATION="en_US.UTF-8"
LC_ALL=

java version "1.7.0_55"
Java(TM) SE Runtime Environment (build 1.7.0_55-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.55-b03, mixed mode)

ServerInterface:setDebugLevel:262144
BpjavaLoginModule:Setting ServerRequest, debugLevel:262144
BpjavaLoginModule:connectServer:[root][srvbackup][0]
From Logon, Connecting to vnetd service over PBX port = 1556, authService is true
Acknowledgement from PBX1
Mutual Auth : true
vrts.vss.sdk.at.exception.VRTSAtException:
        at vrts.vss.sdk.at.lib.core.Authenticator.atSecConnConnectEx(Native Method)
        at vrts.vss.sdk.at.lib.core.Authenticator.vrtsAtSecConnConnectEx(Authenticator.java:2733)
        at vrts.vss.sdk.at.lib.core.Authenticator.vrtsAtSecConnConnectEx(Authenticator.java:2708)
        at vrts.shared.server.VxATSocket.sslConnect(VxATSocket.java:337)
        at vrts.shared.server.ServerInterface.secureConnect(ServerInterface.java:1141)
        at vrts.shared.server.ServerInterface.connectToServiceViaVNETD(ServerInterface.java:1236)
        at vrts.shared.server.ServerInterface.run(ServerInterface.java:2289)
Acknowledgement from PBX1
Mutual Auth : false
Connecting to NBATD at [ srvbackup!1556!nbatd ] for establishing trust.
vrts.shared.server.CertificateAuthenticationException: NetBackup could not initiate a trust relationship with host "srvbackup". Ensure that your Domain Name Service (DNS) resolves the hostname to the correct IP address and check network connectivity.
        at vrts.shared.server.VxATSocket.setupTrust(VxATSocket.java:259)
        at vrts.shared.server.VxATSocket.sslConnect(VxATSocket.java:382)
        at vrts.shared.server.ServerInterface.secureConnect(ServerInterface.java:1141)
        at vrts.shared.server.ServerInterface.connectToServiceViaVNETD(ServerInterface.java:1233)
        at vrts.shared.server.ServerInterface.executeRun(ServerInterface.java:3250)
        at vrts.shared.server.ServerInterface.run(ServerInterface.java:2289)
-------- secureConnect() --------
vrts.shared.server.CertificateAuthenticationException: NetBackup could not initiate a trust relationship with host "srvbackup". Ensure that your Domain Name Service (DNS) resolves the hostname to the correct IP address and check network connectivity.
        at vrts.shared.server.VxATSocket.setupTrust(VxATSocket.java:259)
        at vrts.shared.server.VxATSocket.sslConnect(VxATSocket.java:382)
        at vrts.shared.server.ServerInterface.secureConnect(ServerInterface.java:1141)
        at vrts.shared.server.ServerInterface.connectToServiceViaVNETD(ServerInterface.java:1233)
        at vrts.shared.server.ServerInterface.executeRun(ServerInterface.java:3250)
        at vrts.shared.server.ServerInterface.run(ServerInterface.java:2289)
CertificateAuthenticationException encountered, NetBackup could not initiate a trust relationship with host "srvbackup". Ensure that your Domain Name Service (DNS) resolves the hostname to the correct IP address and check network connectivity.
        at vrts.shared.server.ServerInterface.executeRun(ServerInterface.java:3250)

i{ve checked the services and the port 1556 is opend under the service  /opt/VRTSpbx/bin/pbx_exchange as you can see:

[root@srvbackup bin]# netstat -tulpn | grep 1556
tcp        0      0 0.0.0.0:1556            0.0.0.0:*               LISTEN      2639/pbx_exchange
tcp6       0      0 :::1556                 :::*                    LISTEN      2639/pbx_exchange
 

this is the bpps -x output:

[root@srvbackup bin]# /usr/openv/netbackup/bin/bpps -x
NB Processes
------------
root     10505     1  0 10:03 ?        00:00:00 /usr/openv/netbackup/bin/vnetd -standalone
root     10508     1  0 10:03 ?        00:00:00 /usr/openv/netbackup/bin/bpcd -standalone
root     10528     1  0 10:03 ?        00:00:00 /usr/openv/netbackup/bin/nbdisco
root     10634     1  2 10:03 ?        00:00:29 /usr/openv/db//bin/NB_dbsrv @/usr/openv/var/global/server.conf @/usr/openv/var/global/databases.conf -hn 5
root     10715     1  0 10:03 ?        00:00:00 /usr/openv/netbackup/bin/nbevtmgr
root     10760     1  0 10:03 ?        00:00:00 /usr/openv/netbackup/bin/nbaudit
root     10897     1  0 10:03 ?        00:00:00 /usr/openv/pdde/pdag/bin/mtstrmd
root     10902     1  0 10:03 ?        00:00:00 /usr/openv/netbackup/bin/nbemm
root     10926     1  0 10:03 ?        00:00:00 /usr/openv/netbackup/bin/nbrb
root     10980     1  0 10:03 pts/2    00:00:00 /usr/openv/netbackup/bin/bprd
root     10997     1  0 10:03 ?        00:00:00 /usr/openv/netbackup/bin/bpcompatd
root     11000     1  0 10:03 pts/2    00:00:00 /usr/openv/netbackup/bin/bpdbm
root     11008     1  0 10:03 ?        00:00:00 /usr/openv/netbackup/bin/nbjm
root     11015 11000  0 10:03 pts/2    00:00:00 /usr/openv/netbackup/bin/bpjobd
root     11047     1  0 10:03 ?        00:00:00 /usr/openv/netbackup/bin/nbpem
root     11106 11047  0 10:03 ?        00:00:00 /usr/openv/netbackup/bin/nbproxy dblib nbpem
root     11115     1  0 10:03 ?        00:00:00 /usr/openv/netbackup/bin/nbstserv
root     11173     1  0 10:03 ?        00:00:00 /usr/openv/netbackup/bin/nbrmms
root     11308     1  0 10:04 ?        00:00:00 /usr/openv/netbackup/bin/nbsl
root     11344     1  0 10:04 ?        00:00:00 /usr/openv/netbackup/bin/nbim
root     11452     1  0 10:04 ?        00:00:00 /usr/openv/netbackup/bin/nbars
root     11594     1  0 10:04 ?        00:00:00 /usr/openv/netbackup/bin/nbvault
root     11598     1  0 10:04 pts/2    00:00:00 /usr/openv/netbackup/bin/nbcssc -a NetBackup
root     11636     1  0 10:04 ?        00:00:00 /usr/openv/netbackup/bin/nbsvcmon
root     11697 11000  0 10:04 pts/2    00:00:00 /usr/openv/netbackup/bin/bpdbm
root     11712 11008  0 10:04 ?        00:00:00 /usr/openv/netbackup/bin/nbproxy dblib nbjm
root     12337 12296  0 10:07 pts/2    00:00:04 /usr/openv/java/jre/bin/java -Dvrts.NBJAVA_CONF=/usr/openv/java/nbj.conf -showversion -d64 -Dvrts.common.server.LCCTYPE="en_US.UTF-8" -Dvrts.common.server.LOG_CMDLINES=false -Djava.library.path=/usr/openv/lib -Dvrtsat.datadir=/usr/openv/var/vxss/at -Dvrtsat.home=/usr/openv/netbackup/sec/at -Dvrts.common.utilities.DEBUG_PROPERTIES=/usr/openv/java/Debug.properties -Dvrts.nbe.HOSTNAME= -Dvrts.nbe.INST_REL=760000 -Dvrts.nbe.BUILDNO=20141027 -Djava.util.prefs.PreferencesFactory=vrts.common.launch.PropertiesPreferencesFactory -Xms1024M -Xmx2048M vrts.nbe.AdminConsole

MM Processes
------------
root     10966     1  0 10:03 pts/2    00:00:00 /usr/openv/volmgr/bin/ltid
root     10972     1  0 10:03 pts/2    00:00:00 vmd
root     11733 10966  0 10:04 pts/2    00:00:00 tldd
root     11749 10966  0 10:04 pts/2    00:00:00 avrd
root     11752     1  0 10:04 pts/2    00:00:00 tldcd

Shared Symantec Processes
-------------------------
root      2639     1  0  2015 ?        00:05:42 /opt/VRTSpbx/bin/pbx_exchange
 

and the /etc/hosts has already an entry for the hostname.

Thanks a lot for your help!!

29 REPLIES 29

areznik
Level 5

You have something strange going on with your hosts file, srvbackup is listed several times 

192.168.80.141  srvbackup
192.168.10.153  srvbackup_nfs   srvbackup
192.168.69.9    srvbackup_bck   srvbackup

Has that always been like that? Doesnt look right to me... im wondering if its causing a name mismatch with whats on the certificate. 

Can you also post your /etc/nsswitch.conf file?   

 

areznik
Level 5

Also, it is kind of concerning that nbatd is not running. 

Check this post for a similar situation. Check your logs to see if its dying instantly on netbackup restart, if so what are the errors?

sdo
Moderator
Moderator
Partner    VIP    Certified

grrr... I missed that - I think NBU will get confused.  I agree, there should only be one IP for the one name of   srvbackup.

RiaanBadenhorst
Moderator
Moderator
Partner    VIP    Accredited Certified

nbatd is not running because NBAC is not configured, or it has been turned off (USE_VXSS =  PROHIBITED)

 

Did you have NBAC running or just logging in with root?

 

And also, you've got reverse lookup mismatches for the extra IP addresses configured. I'd resolve that.

areznik
Level 5

I have NBAC not configured and USE_VXSS = PROHIBITED, yet nbatd is running. I dont know enough about it to say if thats normal though. 

The reason why I thought it might be a concern is this error in the initial post:  

Connecting to NBATD at [ srvbackup!1556!nbatd ] for establishing trust.
vrts.shared.server.CertificateAuthenticationException: NetBackup could not initiate a trust relationship with host "srvbackup". Ensure that your Domain Name Service (DNS) resolves the hostname to the correct IP address and check network connectivity.

revarooo
Level 6
Employee
Get the host file sorted. Clear the host cache once hosts is sorted with bpclntcmd -clear_host_cache Then login again the the gui...if it still errors, enable the bpjava-msvc directoru in netbackup/logs. Try again then look in this file for /usr/openv/var/vxss/credentials There will be a certificate to delete.

sdo
Moderator
Moderator
Partner    VIP    Certified

Hi diego... did you get this working again?

diegomauricior
Level 3

the solution was 

cp -rp /usr/openv/var/vxss/credentials/ /usr/openv/var/vxss/credentials.old

cd credentials

rm -rf srvbackup

rm -rf localhost6.localdomain6

/usr/openv/netbackup/bin/goodies/netbackup stop

./netbackup start -f -v

run again the jave program

/usr/openv/netbackup/bin/jnbSA &

Solve

sdo
Moderator
Moderator
Partner    VIP    Certified

Thanks for posting the solution.

m_karampasis
Level 4
Partner Accredited

You do not have to restart the NetBackup services just rename the file.