Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Ubuntu MaaS ssl error vmware vcenter 6 connection

Posted on 2016-08-01
1
19 Views
Last Modified: 2016-08-01
Ubuntu Server 16.04.1
MaaS 2.0 Beta 3
vmware vcenter 6

pyvmomi-5.5.0.2014.1.1 which is installed manually for python 3 because i read it would fix my problem

this is the error I'm getting:

Aug 1 13:21:26 maas sh[5319]: 2016-08-01 13:21:25 [-] /usr/lib/python3/dist-packages/urllib3/connectionpool.py:794: requests.packages.urllib3.exceptions.InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html

Aug 1 13:21:26 maas maas.rpc.cluster: Failed to probe and enlist VMware nodes: (vim.fault.HostConnectFault) {#012 dynamicType = ,#012 dynamicProperty = (vmodl.DynamicProperty) [],#012 msg = '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)',#012 faultCause = ,#012 faultMessage = (vmodl.LocalizableMessage) []#012}

i read several old posts from last year on how on to fix that. but none of them work or even point me to the files which i have to edit.

somebody please point me in the right direction so that i can deploy my vmware nodes.

i tried MaaS 1.8/1.9 and now 2.0 and each version has problems that cannot be solved or are solved in future version but bring now bugs with it.
0
Comment
Question by:Member_2_7969923
1 Comment
 

Accepted Solution

by:
Member_2_7969923 earned 0 total points
ID: 41737950
this what someone on ppa bug tracker suggested and worked.

Downloading the self-signed certificates from your VMware system and configuring your system to consider them trusted should work. The process I use for this is as follows:

$ sudo -i
# openssl s_client -connect 10.230.8.210:443 -showcerts < /dev/null
# mkdir /usr/share/ca-certificates/custom
# nano /usr/share/ca-certificates/custom/vmware.crt
<paste certificate>
# dpkg-reconfigure ca-certificates

Note, however, that this only works if the self-signed SSL certificate for the VMware system has a properly configured common name (or subject alternate name) so that the SSL library can match the IP address or hostname to the connection string.

In MAAS 2.x, you can work around this issue by adjusting the power parameters for your VMware servers. In our lab environments, we use the following command line to add a VMware chassis:

maas profile machines add-chassis chassis_type=vmware username=vmware-username password=vmware-password protocol='https+unverified' hostname=vmware-api-ip-address prefix_filter=maas

(This will add all VMs named "maas*" to MAAS.)
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
When rebooting a vCenters 6.0 and try to connect using vSphere Client we get this issue "Invalid URL: The hostname could not parsed." When we get this error we need to do some changes in the vCenter advanced settings to fix the issue.
Teach the user how to use create log bundles for vCenter Server or ESXi hosts Open vSphere Web Client: Generate vCenter Server and ESXi host log bundle:  Open vCenter Server Appliance Web Management interface and generate log bundle: Open vCenter Se…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question