No access to HTTPS services on new cluster nodes
Applies to
- ONTAP 9
- New cluster nodes
- Cluster expansion
- HTTPS Management
Issue
- HTTPS access to management LIFs works if hosted on nodes previously existing in the cluster.
- No access to node and cluster management over HTTPS on the new nodes.
- Unable to use REST API and ONTAPI on the new nodes.
- Unable to access SPI.
- Browser shows:
ERR_CONNECTION_CLOSED- Curl error:
Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to x.x.x.x:443
- APACHE-ERROR.GZ
[Tue Feb 16 15:51:13.260247 2021 +0000] [ssl:notice] [pid 8817:tid 34385761792] [client x.x.x.x:52234] [vserver 4294967295] No server certificate chain is configured for this vserver
[Tue Feb 16 15:51:13.260292 2021 +0000] [ssl:notice] [pid 8817:tid 34385761792] [client x.x.x.x:52234] [vserver 4294967295] Certificate-based client authentication is not configured for this vserver
[Tue Feb 16 15:51:13.260608 2021 +0000] [ssl:emerg] [pid 8817:tid 34385761792] AH02562: Failed to configure certificate 127.0.0.1:0 (with chain), check /mroot/etc/vserver_4294967295/certificates/ssl/server/147+XXXXXXXXXXXX+cluster/server.crt
[Tue Feb 16 15:51:13.260624 2021 +0000] [ssl:emerg] [pid 8817:tid 34385761792] SSL Library Error: error:02001002:system library:fopen:No such file or directory (fopen('/mroot/etc/vserver_4294967295/certificates/ssl/server/147+XXXXXXXXXXXX+cluster/server.crt','r'))
[Tue Feb 16 15:51:13.260638 2021 +0000] [ssl:emerg] [pid 8817:tid 34385761792] SSL Library Error: error:20074002:BIO routines:FILE_CTRL:system lib
[Tue Feb 16 15:51:13.260651 2021 +0000] [ssl:emerg] [pid 8817:tid 34385761792] SSL Library Error: error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib
[Tue Feb 16 15:51:13.260654 2021 +0000] [ssl:error] [pid 8817:tid 34385761792] [client x.x.x.x:52234] [vserver 4294967295] Failed to initialize SSL context