Subscribe

OCUM 7.0RC1 - cant add ONTAP 9 systems

[ Edited ]

Hi, we have some 8.3.x cDOT clusters added in OCUM, all working fine.

 

But clusters with version 9 (GA) can't be added.

We get this error:

Cluster add failed. Failed to fetch the HTTPS certificate from *ontap9system*. Enter a valid Hostname or Port.

 

Certificates are not expired, credentials work fine.

 

Any ideas?

 

 

 

Quick update: It works with HTTP (Port 80) but of course we have security concerns so we need to use HTTPS like on the others.

 

Thanks!

Re: OCUM 7.0RC1 - cant add ONTAP 9 systems

What does the following command say?

 

::> system services web show 

Are you adding with the name or the IP address? (try both)

Re: OCUM 7.0RC1 - cant add ONTAP 9 systems

Hi,

 

here you go:

 

External Web Services: true
Status: online
HTTP Protocol Port: 80
HTTPS Protocol Port: 443
HTTP Enabled: true

 

 

Yes it tried both IP and Hostname, it only works with non-secure HTTP...

Re: OCUM 7.0RC1 - cant add ONTAP 9 systems

[ Edited ]

Hi,

 

this may be caused because the hostname listed in the certificate does not match the actual hostname / FQDN of the cluster.

This may happen in case DNS settings or cluster name are changed post cluster setup.

I also wouldn't exclude the cluster setup logic to have a flaw so that hostname/FQDN of the cluster and the certificate don't match.

 

Please try to re-create the SSL certificate according to this KB article:

 

https://kb.netapp.com/support/index?page=content&id=1014389&actp=search&viewlocale=en_US&searchid=1474277936105

 

Although the article is written explicitely for ONTAP 8.1 and 8.2/8.3, please follow those steps outlined for 8.2/8.3 for ONTAP 9. They should be identical.

 

Then try adding the cluster to OCUM.

 

Kind regards, Niels

 

------

If this post resolved your issue, please help others by selecting ACCEPT AS SOLUTION or adding a KUDO or both.

Re: OCUM 7.0RC1 - cant add ONTAP 9 systems

[ Edited ]

There was no DNS / Name change.

Brand new cluster setup, no changes there.

 

New cert didn't help, I have opend a ticket. Lets see...

Re: OCUM 7.0RC1 - cant add ONTAP 9 systems

[ Edited ]

Hi,

 

so the fix / workaround is to modify the hosts file of both OCUM and OCPM by adding the ontap 9 systems.

Although ping worked fine without the host entries, technician said its a bug.