Improve company productivity with a Business Account.Sign Up

x
?
Solved

Ubuntu MaaS ssl error vmware vcenter 6 connection

Posted on 2016-08-01
1
Medium Priority
?
117 Views
Last Modified: 2016-08-01
Ubuntu Server 16.04.1
MaaS 2.0 Beta 3
vmware vcenter 6

pyvmomi-5.5.0.2014.1.1 which is installed manually for python 3 because i read it would fix my problem

this is the error I'm getting:

Aug 1 13:21:26 maas sh[5319]: 2016-08-01 13:21:25 [-] /usr/lib/python3/dist-packages/urllib3/connectionpool.py:794: requests.packages.urllib3.exceptions.InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html

Aug 1 13:21:26 maas maas.rpc.cluster: Failed to probe and enlist VMware nodes: (vim.fault.HostConnectFault) {#012 dynamicType = ,#012 dynamicProperty = (vmodl.DynamicProperty) [],#012 msg = '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)',#012 faultCause = ,#012 faultMessage = (vmodl.LocalizableMessage) []#012}

i read several old posts from last year on how on to fix that. but none of them work or even point me to the files which i have to edit.

somebody please point me in the right direction so that i can deploy my vmware nodes.

i tried MaaS 1.8/1.9 and now 2.0 and each version has problems that cannot be solved or are solved in future version but bring now bugs with it.
0
Comment
Question by:Member_2_7969923
1 Comment
 

Accepted Solution

by:
Member_2_7969923 earned 0 total points
ID: 41737950
this what someone on ppa bug tracker suggested and worked.

Downloading the self-signed certificates from your VMware system and configuring your system to consider them trusted should work. The process I use for this is as follows:

$ sudo -i
# openssl s_client -connect 10.230.8.210:443 -showcerts < /dev/null
# mkdir /usr/share/ca-certificates/custom
# nano /usr/share/ca-certificates/custom/vmware.crt
<paste certificate>
# dpkg-reconfigure ca-certificates

Note, however, that this only works if the self-signed SSL certificate for the VMware system has a properly configured common name (or subject alternate name) so that the SSL library can match the IP address or hostname to the connection string.

In MAAS 2.x, you can work around this issue by adjusting the power parameters for your VMware servers. In our lab environments, we use the following command line to add a VMware chassis:

maas profile machines add-chassis chassis_type=vmware username=vmware-username password=vmware-password protocol='https+unverified' hostname=vmware-api-ip-address prefix_filter=maas

(This will add all VMs named "maas*" to MAAS.)
0

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Can you run Linux on a Windows system?  Yep.  Here's how.
The short tutorial provides step by step instructions on how to change the password of the Root user by using Vmware PowerCLI. I hope you find it very useful.
Teach the user how to use vSphere Update Manager to update the VMware Tools and virtual machine hardware version Open vSphere Client: Review manual processes for updating VMware Tools and virtual hardware versions: Create a new baseline group in vSp…
This Micro Tutorial steps you through the configuration steps to configure your ESXi host Management Network settings and test the management network, ensure the host is recognized by the DNS Server, configure a new password, and the troubleshooting…

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question