cloudstack icon indicating copy to clipboard operation
cloudstack copied to clipboard

Published 20 hours ago verified publisher icon apache

Certificate ownership verification failed for client

Open yeganehmehr opened this issue 1 year ago • 3 comments
trafficstars

ISSUE TYPE
  • Other
COMPONENT NAME

CLOUDSTACK VERSION

CLOUDSTACK VERSION

CloudStack 4.17.2.0

CONFIGURATION

advanced networking

OS / ENVIRONMENT

CentOS Linux release 7.8.2003 (Core)

SUMMARY

when i creat vm get thie error 2024-02-26 13:43:02,058 ERROR [o.a.c.c.p.RootCACustomTrustManager] (pool-59459-thread-1:null) (logid:) Certificate ownership verification failed for client: X.X.X.X 2024-02-26 13:43:02,060 ERROR [c.c.u.n.Link] (AgentManager-SSLHandshakeHandler-4:null) (logid:) SSL error caught during wrap data: Certificate ownership verification failed for client: X.X.X.X

yeganehmehr avatar Feb 26 '24 10:02 yeganehmehr

@yeganehmehr is this a clean installation?

DaanHoogland avatar Feb 26 '24 13:02 DaanHoogland

@DaanHoogland No.we update to cloudstack 4.17.2

yeganehmehr avatar Feb 27 '24 05:02 yeganehmehr

@yeganehmehr , you could

  • set auth strictness (ca.plugin.root.auth.strictness) setting to false,
  • restart kvm agent;

if you want secure connections you can then

  • re-provision certificates.
  • set the auth strictness back to true
  • and finally restart cloudstack-agent

let us know how you fare

DaanHoogland avatar Feb 27 '24 09:02 DaanHoogland

Usually post-upgrade, systemvms and routers must be upgraded/re-created. For KVM agents, if there was an issue Daan's advised can be followed to apply the workaround.

Closing as the question has been answered.

rohityadavcloud avatar Apr 30 '24 13:04 rohityadavcloud