ONTAPで証明書が受け入れられないため、AIQUMにONTAPクラスタを追加できません

最後の更新
PDFとして保存

Views:: 6

Visibility:: Public

Votes:: 0

Category:: active-iq-unified-manager

Specialty:: om

Last Updated:

環境

Active IQ Unified Manager（AIQUM）9.14
ONTAP 9.9.1
他のONTAPクラスタをAIQUMに追加可能
Cloud Agentが無効になっています

問題

ONTAPクラスタをAIQUMに追加すると失敗します。

Unable to add cluster data source. This can occur if the clocks on the systems are not synchronized and the Active IQ Unified Manager HTTPS certificate start date is later than the date on the cluster, or if the cluster has reached the maximum number of EMS notification destinations.

jboss/server_acq.log フォーマットが正しくないためにAIQUM証明書のインストールが失敗することを示します。

INFO [default task-55] c.o.s.a.s.AcquisitionFacadeUtil (AcquisitionFacadeUtil.java:106) - [EMS] - Installing Server Certificate INFO [default task-55] c.n.o.n.e.EmsZapiManager (EmsZapiManager.java:98) - [EMS ZAPI] - Install Security Certificate - Common Name: <AIQUM_HOST>, Type: server-ca, Certificates: -- omitted -- ERROR [default task-55] c.o.s.a.s.AcquisitionFacadeUtil (AcquisitionFacadeUtil.java:202) - failed to register EMS: : com.netapp.oci.netapp.client.interfaces.data.EmsManagerException: Failed to read the certificate due to incorrect formatting. (errno=61102) at deployment.mega-app.ear.server-core.jar//com.netapp.oci.netapp.ems.EmsZapiManager.installSecurityCertificate(EmsZapiManager.java:112) at deployment.mega-app.ear.server-core.jar//com.netapp.oci.netapp.ems.EmsManager.installSecurityCertificate(EmsManager.java:79) at deployment.mega-app.ear.server-core.jar//com.onaro.sanscreen.acquisition.sessions.AcquisitionFacadeUtil.registerEms(AcquisitionFacadeUtil.java:108) at deployment.mega-app.ear.server-core.jar//com.netapp.sanscreen.acquisition.sessions.rest.service.impl.AcquisitionFacadeSessionServiceImpl.addDS(AcquisitionFacadeSessionServiceImpl.java:805) at deployment.mega-app.ear.server-api.war//com.netapp.sanscreen.acquisition.sessions.rest.service.impl.AcquisitionFacadeSessionServiceImpl$$FastClassBySpringCGLIB$$92eba61a.invoke(<generated>)

/etc/log/mlog/audit.log ONTAPで形式の誤りが原因でsecurity-certificate-install ZAPIが失敗すると表示される

[kern_audit:info:2618] 8503e8000016ec3b :: <NODE>:ontapi :: <AIQUM_IP>:63869 :: <NODE>:admin :: <netapp version='1.0' xmlns='http://www.netapp.com/filer/admin' nmsdk_version='9.8P7D1' nmsdk_platform='Windows Server 2022' nmsdk_language='Java'><security-certificate-install><type>server-ca</type><certificate>-----BEGIN CERTIFICATE-----.. [kern_audit:info:2618] 8503e8000016ec3b :: <NODE>:ontapi :: <AIQUM_IP>:63869 :: <NODE>:admin :: security-certificate-install :: Error: Failed to read the certificate due to incorrect formatting.