cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Certificate Expiration

Go to solution
kc3
Level 2

‎03-29-2023 06:41 AM

I have a legacy HA system running Cluster Server 6.1. For a non-priviliged user, hastatus -summary is suddenly returning "VCS ERROR V-16-1-53006 Unable to Connect to VCS engine correctly". I suspect the issue is an expired certificate (its been around 8 years) but I don't know which one. The broker, root, and vcsroot certs are not expired (vssat showcred). There are multiple VCS certificates in /var/VRTSvcs/vcsauth/data/ but the manuals don't explain what they are used for. Any idea what cert this could be? Also, can individual certificates, such as CmdServer, be reissued using openssl or is it necessary to go through the entire install process to generate new certificates? Thanks for any insight....

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
frankgfan
Moderator
Moderator
   VIP   

‎03-30-2023 04:11 AM

Since you said the issue was with "For a non-priviliged user," I assumed that the same command worked normal for cluster admin, right?

If my assumption was correct, what you can do is to run hauser -add to add that "non-priviliged user," to a group in which the command can be run (like Operator).

Here is the link to hauser command

https://sort.veritas.com/public/documents/vcs/5.1/linux/manualpages/html/manpages/man1m/hauser.1m.ht...

 

View solution in original post

0 Kudos
2 REPLIES 2

Go to solution
frankgfan
Moderator
Moderator
   VIP   

‎03-30-2023 04:11 AM

Since you said the issue was with "For a non-priviliged user," I assumed that the same command worked normal for cluster admin, right?

If my assumption was correct, what you can do is to run hauser -add to add that "non-priviliged user," to a group in which the command can be run (like Operator).

Here is the link to hauser command

https://sort.veritas.com/public/documents/vcs/5.1/linux/manualpages/html/manpages/man1m/hauser.1m.ht...

 

0 Kudos

Go to solution
kc3
Level 2
In response to frankgfan

‎04-03-2023 08:12 AM

Thanks for the response. By non-privileged I mean non-root and non cluster-admin. The system has a cluster-admin user configured and it has no problem and neither does root. I agree that your solution is a good one and will work - or I can add the user to sudoers. I guess I'm trying to figure out why after many years, hastatus -summary stopped working for this non-root, non cluster-admin, user. It lines up with the 8-year default limit on VCS certs cited in the administrators manual so I was thinking its one of the VCS certs used for secure mode.

0 Kudos