Hello all,
I'm currently having a problem pairing sites after the IP address of one of the SRM servers needed to change. I ran through the modify install to attempt to have it pick up the new IP and pair again. I even tried uninstalling SRM completely, creating a brand new VM and installed SRM on it with the new IP. The correct IP is shown in the web interface and also the managed object browser under the vcDr extension. The "Pair Sites" wizard does complete successfully after typing in the required info. The pop up goes away but the paired site never shows up in the web client. The desktop vSphere client shows that the sites are trying to pair, but it eventually gives one of two errors:
After seeing these I tried to create new admin accounts under vsphere.local for both sites and set vsphere.local to default domain. Ran through modify install again with new account info, and typed new account info while attempting to pair sites, but I still get the same problem.
Digging into the vmware-dr.log shows me that the SSL client handshake fails, and then SSO login fails assuming due to the SSL/certificate problem. Here were those two messages that stood out to me:
-------------------------
Certificate Errors
-------------------------
2016-03-08T13:05:23.541-06:00 [01084 warning 'DrSiteSiteManager'] SSL client handshake to 'vcenter.vmware.com:443' failed.
--> std::exception 'class Vmacore::Ssl::SSLVerifyException' "SSL Exception: Verification parameters:
--> PeerThumbprint: 5C:C7:DA:1A:80:FF:41:C8:FE:FA:CE:B0:9A:A4:49:DA:57:4E:92:C3
--> ExpectedThumbprint:
--> ExpectedPeerName: vcenter.vmware.com
--> The remote host certificate has these problems:
-->
--> * The host certificate chain is incomplete.
-->
--> * unable to get local issuer certificate"
2016-03-08T13:05:23.541-06:00 [02464 warning 'DrSiteSiteManager'] SSL client handshake to '192.168.2.201:9086' failed.
--> std::exception 'class Vmacore::Ssl::SSLVerifyException' "SSL Exception: Verification parameters:
--> PeerThumbprint: 8F:7D:47:65:C9:E1:71:47:D8:46:49:DD:32:2E:12:5D:59:3C:2F:0A
--> ExpectedThumbprint:
--> ExpectedPeerName: 192.168.2.201
--> The remote host certificate has these problems:
-->
--> * The host certificate chain is incomplete.
-->
--> * unable to get local issuer certificate"
--------------------------------
login error after the certificate errors
---------------------------------
2016-03-08T13:05:30.325-06:00 [02992 error 'DrSiteUserManager.ConnHandler' connID=sso-admin-c0f5] `anonymous-namespace'::ConnectHandler::LoginComplete: Unable to login into the SSO admin end point as {Name: SRM-afbfc012-c0a3-4fbb-ac30-bb3d18af3bd2; Domain:vsphere.local}. SSO server time delta is 0 s. Exception:
--> (sso.fault.InvalidCredentials) {
--> faultCause = (vmodl.MethodFault) null,
--> msg = "Received SOAP response fault from [<cs p:000000000c2395a0, TCP:vcenter.vmware.com:443>]: login
--> "
--> }
2016-03-08T13:05:30.325-06:00 [02992 warning 'DrSiteUserManager' connID=sso-admin-c0f5] Failed to connect: (sso.fault.InvalidCredentials) {
--> faultCause = (vmodl.MethodFault) null,
--> msg = "Received SOAP response fault from [<cs p:000000000c2395a0, TCP:vcenter.vmware.com:443>]: login
--> "
--> }
If anyone has any ideas or pointers to help me out, I would greatly appreciate it.
Thank you