VASA Provider: SSL handshake between ESXi and VP fails with "certificate verify failed"

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 917

Visibility:: Public

Votes:: 2

Category:: netapp-vasa-provider

Specialty:: virt

Last Updated:

Applies to

ONTAP Tools for Vmware (OTV)
VASA Provider (VP)
vVols
VMware vSphere

Issue

Created vVol datastore is inaccessible and may show as 0 bytes
vvold.log on ESXi hosts reports a SSL handshake error when communicating to VASA Provider:

2022-06-21T16:37:21.805Z warning vvold[2574793] [Originator@6876 sub=IO.Connection opID=xxxx] Failed to SSL handshake; SSL(<io_obj p:xxxxx,

h:14, <TCP 'xxx.xxx.xxx.xxx : 25608'>, <TCP '<vasa_provider_ip> : 9083'>>), e: 336134278(certificate verify failed), duration: 3msec

2022-06-21T16:37:21.805Z warning vvold[2574793] [Originator@6876 sub=HttpConnectionPool-000000 opID=xxxx] Failed to get pooled connection; <cs p:xxx, TCP:<vasa_provider_ip>:9083>, SSL(<io_obj p:xxxx, h:14, <TCP 'xxx.xxx.xxx.xxx : 25608'>, <TCP '<vasa_provider_ip> : 9083'>>), duration: 4msec, N7Vmacore3Ssl18SSLVerifyExceptionE(SSL Exception: Verification parameters:

--> PeerThumbprint: XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX

--> ExpectedThumbprint:

--> ExpectedPeerName: <vasa_provider_ip>

--> The remote host certificate has these problems:

-->

--> * unable to get local issuer certificate)