ONTAP Tools for VMware vSphere: Mutual authentication error when adding storage system to OTV

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 857

Visibility:: Public

Votes:: 0

Category:: virtual-storage-console-for-vmware-vsphere

Specialty:: virt

Last Updated:

Applies to

NetApp ONTAP tools for VMware vSphere (OTV) 9.13P1 and later
NetApp ONTAP 9

Issue

When adding a new storage system to OTV, the following error can be seen:
- An error occurred while adding Storage System. An unspecified error occurred when connecting to the controller at IP address x.x.x.x.
- Any communication between ONTAP tools plug-in and the storage system should be mutually authenticated.
From OTV nvpf.log, similar errors can be seen:

[2024-03-27T15:29:08,021Z] [pool-3-thread-1] [ERROR] Error pushing b92bf2d4-d520-11ec-a973-d039ea4d2b49(addr=192.168.0.101:443, user=admin) com.netapp.vasa.vvol.api0_4.beans.exceptions.VPServerException: com.netapp.offtap3.ConnectionException: Unable to communicate with ONTAP at 192.168.0.101: Certificate is expired. (errno=9999) com.netapp.offtap3.ontap.ApiFailedException: Certificate is expired. (errno=9999)

From ONTAP CLI, we can see an expired certificate.

cluster1::> security certificate show -type server -fields expiration,vserver,serial,common-name,ca vserver common-name serial ca type subtype cert-name expiration -------- ------------------------ ---------------- --------------- ------ ------- ----------------------------------------- ------------------------ cluster1 cluster1.demo.netapp.com A157525492DC6296 demo.netapp.com server - cluster1.demo.netapp.com_A157525492DC6296 Tue May 16 22:05:19 2023 svm1_cluster1 svm1_cluster1 17422E6AED3CDB56 svm1_cluster1 server - svm1_cluster1_17422E6AED3CDB56 Fri Feb 09 14:30:48 2024