[Linux-cluster] fence_vmware_soap sslv3 alert certificat unkown
Fredrik Hudner
Fredrik.Hudner at evry.com
Fri May 3 13:33:38 UTC 2013
Dear all,
I have a pacemaker cluster and need to setup a stonith fencing agent, in this case fence_vmware_soap.
Environment:
Centos 6.3
fence-agents.x86_64
I'm running the command manually with different options:
# fence_vmware_soap -o off -a vcenter-adress -l drift\vcenter_tdtestclu -p password -n tdtestclu02 -u 443
Unable to connect/login to fencing device
# fence_vmware_soap -o off -a 192.168.231.31 -l drift\vcenter_tdtestclu -p password -z -n tdtestclu02 -u 443
No handlers could be found for logger "suds.client"
Unable to connect/login to fencing device
In vCenters (5.1) system logs I can see the following error:
2013-05-03T14:00:07.031+02:00 [07800 error 'Default'] [0] error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown
2013-05-03T14:00:07.031+02:00 [07800 error 'Default'] SSLStreamImpl::DoServerHandshake (000000005d11ce30) SSL_accept failed. Dumping SSL error queue:
2013-05-03T14:00:07.031+02:00 [07800 warning 'ProxySvc'] SSL Handshake failed for stream TCPStreamWin32(socket=TCP(fd=31640) local=vcentre-adress:443, peer=vcentre-adress:53876), error: class Vmacore::Ssl::SSLException(SSL Exception: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown)
Question is:
Is the unknown certificate the real problem here ? and if so, on which host is it actually missing (source host, vCentre or target host) ?
Any other clues how to get this to work is much appreciated
(and if you need more information, please let me know)
Kind regards
/Fred
More information about the Linux-cluster
mailing list