So i uploaded my new certs, everything went fine, prism then restarted, but then I get the following message when trying to connect again.
refused to connect.
I’ve stoped the prism service and did a cluster start, prism is showing as running but I can’t get anything other then the above message.
I can’t even update the certs again incase its a cert issue as the web interface is not working and I can’t for the life of me find a way to do it via ssh.
Getting the following in helt checks
Running : health_checks system_checks check_ssl_expiry
[==================================================] 100%
/health_checks/system_checks/check_ssl_expiry ERR ]
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
Detailed information for check_ssl_expiry:
Node XXX.XXX.XXX.XXX:
ERR : Failed to check expiry. ErrMsg: xErrno 111] Connection refused
Node XXX.XXX.XXX.XXX:
ERR : Failed to check expiry. ErrMsg: eErrno 111] Connection refused
Node XXX.XXX.XXX.XXX:
ERR : Failed to check expiry. ErrMsg: eErrno 111] Connection refused
Node XXX.XXX.XXX.XXX:
ERR : Failed to check expiry. ErrMsg: eErrno 111] Connection refused
Node XXX.XXX.XXX.XXX:
ERR : Failed to check expiry. ErrMsg: eErrno 111] Connection refused
Node XXX.XXX.XXX.XXX:
ERR : Failed to check expiry. ErrMsg: eErrno 111] Connection refused
Refer to KB 11493 (http://portal.nutanix.com/kb/11493) for details on check_ssl_expiry or Recheck with: ncc health_checks system_checks check_ssl_expiry --cvm_list=XXX.XXX.XXX.XXX,XXX.XXX.XXX.XXX,XXX.XXX.XXX.XXX,XXX.XXX.XXX.XXX,XXX.XXX.XXX.XXX,XXX.XXX.XXX.XXX
One or more plugins generated ERROR as the check execution couldn't be completed. Please re-run the check individually or reach out to Nutanix Support.
+-----------------------+
| State | Count |
+-----------------------+
| Error | 1 |
| Total Plugins | 1 |
+-----------------------+
Plugin output written to /home/nutanix/data/logs/ncc-output-latest.log
So I came accross this, and managed to generate new certs insteaf of importing (import command would not work) ssl-certificate: SSL Certificate
After generating them with
ssl-certificate ssl-certificate-generate
I ran the following to restart prism too
genesis stop prism
cluster start
and it came back up! Painfull but it worked! Some of the ncli commands keps comming back with errors so the default generate was the route I took.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
