05-02-2019 07:36 AM - edited 05-02-2019 07:44 AM
Hi,
we started having SSL handshake issues for the Enterprise Vault backup. I noticed the certificates for the servers were expired. When reissuing a token i got the message
The specified token is associated with a different host id
When creating a certrequest file on the client i noticed the request was for server evserver1, while the host itself has hostname srv-be-di-0027.
To be 100% clear : evserver1 is the vault server, but the database is hosted on srv-be-di-0027 (which is a MS cluster).
For testing purposes, i created a token for evserver1, and used that on the srv-be-di-0027 client. And this was accepted. But ofcourse this is incorrect and i should have a token for srv-be-di-0027 (which is currently still flagged red on the netbackup master).
So the problem here is that for some reason on srv-be-di-0027 certificate-wise it respresents itself as evserver1. But i have no clue where this is coming from or where this is configured. Anyone having an idea?
05-03-2019 03:08 AM
Hello,
you should try the following:
- generate reissue token for evserver1 and renew its certificate with this token
- generate reissue tokens for physical nodes of SQL cluster and renew their certificates with these tokens
- create Host Mapping records for virtual MS SQL node (probably exists)
Then test mere filesystem backup of all these servers/nodes, then test the EV backup
Regards
05-07-2019 06:52 AM
I reissued tokens for the vault server and cluster nodes. The trick here is that i had to rename the netbackup client_name using regedit for the clusternodes to srv-be-di-0027 and --028 before reissuing the token. And after the certificate was installed i had to rename it again to evserver1.