CAIQUM-7114: Cluster addition or monitoring failing in AIQUM 9.14+ with CA signed certificate and cloud agent enabled
- Views:
- 63
- Visibility:
- Public
- Votes:
- 0
- Category:
- active-iq-unified-manager
- Specialty:
- om
- Last Updated:
- 5/16/2025, 10:47:15 AM
Issue
- In the scenario where AIQUM 9.14+ is using CA signed certificate on port 443, cloud agent is enabled in server.properties file, and ONTAP in 9.14 or higher, cluster addition and collections fail with cloud agent connection error
server_acq.log:
ERROR [acq-facade-init-thread-ds-2] c.n.u.CloudAgentConnectionUtil (CloudAgentConnectionUtil.java:254) - Establishing connection with cluster <cluster_ip> failed
ERROR [acq-facade-init-thread-ds-1] c.n.u.CloudAgentConnectionUtil (CloudAgentConnectionUtil.java:223) - Failed to establish connection for cloud agent instance "UnifiedManager<aiqum_system_id>". Reason: Certificate error: self-signed certificate in certificate chain._
ERROR [acq-facade-init-thread-ds-1] c.n.u.CloudAgentConnectionUtil (CloudAgentConnectionUtil.java:254) - Establishing connection with cluster <cluster_ip> failed
- As soon as AIQUM uses a self-signed certificate, REST collections will continue to work
- The issue is only present in the scenario where CA signed cert is used on AIQUM and cloud agent is enabled for REST collections
