cancel
Showing results for 
Search instead for 
Did you mean: 

Verification of X.509 certificate failed when connecting to the bpjava msvc service on

JimmyB2
Level 4

Hi all,

I have installed Virtual Netbackup Appliance into Vmware Workstation in ESXi host. The installation was completed successfully and I am able to get to CLI interface of the Netbackup appliance.

However, it is not possible to get into Java GUI. When I am trying to login I get this error: Verification of X.509 certificate failed when connecting to the bpjava msvc service on

Is there any workaround for this?

Any help much appreciated!

 

Below, I am adding some log outputs:

Adding CA certificate to the truststore.
CA certificate is successfully added to the truststore.
vrts.vss.sdk.at.exception.VRTSAtException: Unexpected VxAT Error
at vrts.vss.sdk.at.lib.core.Authenticator.atSecConnConnectEx(Native Method)
at vrts.vss.sdk.at.lib.core.Authenticator.vrtsAtSecConnConnectEx(Authenticator.java:3698)
at vrts.vss.sdk.at.lib.core.Authenticator.vrtsAtSecConnConnectEx(Authenticator.java:3649)
at vrts.shared.server.VxATSocket.sslConnect(VxATSocket.java:749)
at vrts.shared.server.ServerInterface.secureConnect(ServerInterface.java:1636)
at vrts.shared.server.ServerInterface.connectToServiceViaVNETD(ServerInterface.java:1933)
at vrts.shared.server.ServerInterface.executeRun(ServerInterface.java:4098)
at vrts.shared.server.ServerInterface.run(ServerInterface.java:3075)
CertificateAuthenticationException encountered, Verification of X.509 certificate failed when connecting to the bpjava msvc service on nb-appliance.
[10/27/21 11:47:10 AM CEST {1635328030269}] [-1] [Session] abort: closing all bpjava-sessions
[10/27/21 11:47:10 AM CEST {1635328030269}] [-1] [Session] nothing to deinitialize

Log from nb-appliance:/log/openv/nbatd

0,51216,18,18,29,1635326337399,18597,139989181687616,0:,137:ACE_SSL (18583|139989181687616) error code: 336105606 - error:14089086:SSL routines:ssl3_get_client_certificate:certificate verify failed,9:debugmsgs,1
0,51216,18,18,30,1635326337400,18597,139989181687616,0:,119:ACE_SSL (18583|139989181687616) error code: 336462231 - error:140E0197:SSL routines:SSL_shutdown:shutdown while in init,9:debugmsgs,1
0,51216,18,18,1,1635327338124,35291,140643880494912,0:,37:(server.cpp:1516) At Init successful.,9:debugmsgs,1
0,51216,18,18,2,1635327338125,35305,140643880494912,0:,62:(server.cpp:1549) Initialized local configuration successfully,9:debugmsgs,1
0,51216,18,18,3,1635327338174,35305,140643880494912,0:,48:server.cpp:1574) *** Broker Not In FIPS mode ***,9:debugmsgs,1
0,51216,18,18,4,1635327338174,35305,140643880494912,0:,68:(server.cpp:1152) Detailed broker log would be available in UL file ,9:debugmsgs,1
0,51216,18,18,5,1635327338175,35305,140643880494912,0:,79:(server.cpp:366) SetDebugLevelForUL::ProductID:51216, OriginID:18, DebugLevel:1,9:debugmsgs,1
0,51216,18,18,6,1635327338237,35305,140643880494912,0:,36:(server.cpp:1605) Loaded all plugins,9:debugmsgs,1
0,51216,18,18,7,1635327338251,35305,140643880494912,0:,125:(../registry/atregistry.cpp:616) AtRegistry<LOCK>::OpenSection failed. sub_section = root@nb-appliance, fCreate 0, Errno = -1,9:debugmsgs,1
0,51216,18,18,8,1635327338386,35305,140643880494912,0:,39:(brokersetup.cpp:128) TLS key generated,9:debugmsgs,1
0,51216,18,18,9,1635327338387,35305,140643880494912,0:,40:(brokersetup.cpp:142) TLS cert generated,9:debugmsgs,1
0,51216,18,18,10,1635327338387,35305,140643880494912,0:,63:(brokersetup.cpp:155) ACE_SSL_Context set with TLS cert and key,9:debugmsgs,1
0,51216,18,18,11,1635327338387,35305,140643880494912,0:,69:(brokersetup.cpp:169) broker cert added in ACE_SSL_Context cert chain,9:debugmsgs,1
0,51216,18,18,12,1635327338387,35305,140643880494912,0:,65:(brokersetup.cpp:189) RB cert added in ACE_SSL_Context cert chain,9:debugmsgs,1
0,51216,18,18,13,1635327338392,35305,140643880494912,0:,54:(server.cpp:1800) Broker discovery using mDNS disabled,9:debugmsgs,1
0,51216,18,18,14,1635327338393,35305,140643880494912,0:,75:(brokersetup.cpp:1085) Automatic broker credential renewal flag is enabled.,9:debugmsgs,1
0,51216,18,18,15,1635327338393,35305,140643880494912,0:,75:(brokersetup.cpp:1086) Broker credential would be renewed before its expiry,9:debugmsgs,1
0,51216,18,18,16,1635327338394,35305,140643880494912,0:,121:(server.cpp:934) Error! Check if a different instance of this program or another program is already running on port 13783,9:debugmsgs,1
0,51216,18,18,17,1635327338395,35305,140643880494912,0:,42:(server.cpp:1831) Broker Raised Exception!,9:debugmsgs,1
0,51216,18,18,18,1635327338395,35305,140643880494912,0:,81:(broker_excep.cpp:133) Error: -1 - Failed to open the acceptor in server.cpp(935),9:debugmsgs,1
0,51216,18,18,19,1635327338397,35305,140643880494912,0:,42:(server.cpp:1863) Broker shutdown complete,9:debugmsgs,1
0,51216,18,18,31,1635327970589,18597,139989105186560,0:,73:(client_handler.cpp:150) New thread spawned to handle the client request.,9:debugmsgs,1
0,51216,18,18,32,1635327976251,18597,139989105186560,0:,48:(msgtransport.cpp:92) Cannot read version number,9:debugmsgs,1
0,51216,18,18,33,1635327976256,18597,139989105186560,0:,73:(client_handler.cpp:158) Finished handling client request.Thread exiting.,9:debugmsgs,1
0,51216,18,18,34,1635328021168,18597,139989105186560,0:,73:(client_handler.cpp:150) New thread spawned to handle the client request.,9:debugmsgs,1
0,51216,18,18,35,1635328021214,18597,139989105186560,0:,71:(client_handler.cpp:1041) Got certificate request command from the peer,9:debugmsgs,1
0,51216,18,18,36,1635328021260,18597,139989105186560,0:,48:(msgtransport.cpp:92) Cannot read version number,9:debugmsgs,1
0,51216,18,18,37,1635328021262,18597,139989105186560,0:,73:(client_handler.cpp:158) Finished handling client request.Thread exiting.,9:debugmsgs,1
0,51216,18,18,38,1635328021292,18597,139989105186560,0:,73:(client_handler.cpp:150) New thread spawned to handle the client request.,9:debugmsgs,1
0,51216,18,18,39,1635328021480,18597,139989105186560,0:,48:(msgtransport.cpp:92) Cannot read version number,9:debugmsgs,1
0,51216,18,18,40,1635328021480,18597,139989105186560,0:,73:(client_handler.cpp:158) Finished handling client request.Thread exiting.,9:debugmsgs,1

 

1 ACCEPTED SOLUTION

Accepted Solutions

davidmoline
Level 6
Employee

Hi @JimmyB2 

Which OVF did you deploy? When you say installation has completed - what do you mean, has the OVF deployed successfully, or have you finished the configuration of the virtual appliance and configured the NetBackup role. 

Basic steps required:

  1. Deploy OVF
  2. Configure network settings and hostname (requires hostname lookup to be working, and the IP needs to be configured on eth1, not eth0)
  3. Configure role

Being able to reach the CLI just means the virtual appliance is running. 

David

View solution in original post

2 REPLIES 2

davidmoline
Level 6
Employee

Hi @JimmyB2 

Which OVF did you deploy? When you say installation has completed - what do you mean, has the OVF deployed successfully, or have you finished the configuration of the virtual appliance and configured the NetBackup role. 

Basic steps required:

  1. Deploy OVF
  2. Configure network settings and hostname (requires hostname lookup to be working, and the IP needs to be configured on eth1, not eth0)
  3. Configure role

Being able to reach the CLI just means the virtual appliance is running. 

David

View solution in original post

Hi @davidmoline !

You are right! After deploying OVF and setting the network settings and hostname, it was necessary to make the Netbackup Virtual Appliance Master server! Then, it was possible to login to GUI!

Thanks!