Solved: Error: Zapi::invoke failed to connect SSL

GSC · ‎2020-08-29

Hi All,

We recently upgraded CDOT to NetApp Release 9.7P4 with netapp-harvest version netapp-harvest-1.6-1.noarch. Now we are not getting data and the log shows:

[sysinfo] Update of system-info cache DOT Version failed with reason: in Zapi::invoke failed to connect SSL ; Recommend to verify TLS is enabled (7-mode: options tls.enable) an secureadmin setup ssl)

What would be the problem and any suggestion to fix this?

Thanks.

NetApp_SR · ‎2020-09-02

The NetApp Harvest IAG says "Harvest communicates with monitored systems exclusively via HTTPS using TLSv1". The TLSv1 protocol may be disabled on the cluster. When FIPS 140-2 compliance is enabled, TLSv1 and SSLv3 are disabled. ONTAP prevents you from enabling TLSv1 and SSLv3 when FIPS 140-2 compliance is enabled. Check to be sure TLSv1 is enabled to allow communication.

cluster::>security config show

View solution in original post

NetApp_SR · ‎2020-09-02

The NetApp Harvest IAG says "Harvest communicates with monitored systems exclusively via HTTPS using TLSv1". The TLSv1 protocol may be disabled on the cluster. When FIPS 140-2 compliance is enabled, TLSv1 and SSLv3 are disabled. ONTAP prevents you from enabling TLSv1 and SSLv3 when FIPS 140-2 compliance is enabled. Check to be sure TLSv1 is enabled to allow communication.

cluster::>security config show

GSC · ‎2020-09-03

Thanks for the suggestion to check the SSL and it shows that it was disabled. I found out that the netapp-harvest certificate was expired and installed a new one and now it is working back again.