MAAS 2.0 SSL verification error when adding UCSM chassis
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MAAS |
Invalid
|
High
|
Unassigned | ||
2.0 |
Won't Fix
|
High
|
Unassigned |
Bug Description
We recently upgraded our MAAS environment to 2.0:
Ubuntu 14.04.4 -> 16.04.1 (hosted on a ESXi 5.5 virtual machine)
MAAS 1.9.3 -> 2.0.0
After the upgrade to MAAS v2.0, we see an SSL certificate verification error when I try to add a UCSM chassis. If I revert back to a clone of the same machine before the upgrade to MAAS 2.0, I am able to add the UCSM chassis without adding the certificate.
maas.log.1:
Sep 8 13:49:20 cspg-MAAS maas.rpc.cluster: [ERROR] Failed to probe and enlist UCS nodes: <urlopen error [SSL: CERTIFICATE_
rackd.log:
2016-09-08 13:48:37 [HTTPPageGetter
Traceback (most recent call last):
File "/usr/lib/
current.result = callback(
File "/usr/lib/
_inlineCal
File "/usr/lib/
result = result.
File "/usr/lib/
return g.throw(self.type, self.value, self.tb)
--- <exception caught here> ---
File "/usr/lib/
info = yield self._fetch_
twisted.
I found a similar error on launchpad with adding VMware devices (https:/
$ sudo -i
# openssl s_client -connect 192.222.80.1:443 -showcerts < /dev/null
# mkdir /usr/share/
# nano /usr/share/
<paste certificate>
# dpkg-reconfigure ca-certificates
Not sure if this may be an issue or if it's working as expected and the certificates will be required from here on out?
Changed in maas: | |
milestone: | 2.1.0 → 2.1.1 |
Changed in maas: | |
milestone: | 2.1.1 → 2.1.2 |
Changed in maas: | |
milestone: | 2.1.2 → 2.1.3 |
no longer affects: | maas/trunk |
Changed in maas: | |
milestone: | 2.3.0 → 2.3.x |
Hi Jeffrey,
Thanks for reporting the bug. I just want to note that the support for UCSM between MAAS 2.0 vs 1.9 has not changed, so we will need to investigate what's causing the SSL verification.
That said, however, has there been any change in the firmware of your UCSM chassis ? Such us, when youw ere using 1.9 you had version X of firmware, and after you upgraded to 2.0, you had a version Y of firmware?
Thanks!