HPE Community
HPE OneView
1752348 Members
6070 Online
108787 Solutions
New Discussion

Re: OneView Certificate Error

 
Chris_L1
Advisor

‎10-03-2017 04:35 AM

‎10-03-2017 04:35 AM

OneView Certificate Error

Issue with OV ver. 3.10.07-0310774 - all set to recommended HPE specs

I am receiving the following error in OneView:
Client Certificate Generation.
Issue: Error occurred while generating client certificate.
Error occurred while creating Key pairs.
Resolution: Please retry the operation.

We have two OV instances in our organization - both are identical in setup - only difference is the IP addresses - this is only occurring on one of the instances.

Went through PowerShell and verified that all certs were identical on both systems -
No HPOV Trusted Domain Certs
Only HPOV Self-Signed Certs

Using PowerShell, removed HPOV Self-Signed Cert and verified that it was deleted. No change - still receiving error.

Regenerated/reinstalled new Self-Signed Cert and verified that it was present. No change - still receiving error.

Checked Self-Signed Cert, noticed that its date was same as the one previously deleted.

Issue started back with OV Ver. 2.9 and has continued. Error occurs every five minutes and I receive two of the same errors. The errors are locked and filling the "Activity" section - currently have over 13k messages that cannot be deleted.

Also - what is the operation that I need to retry? Generating the client cert or creating key pairs and how can I do this via PowerShell?

Thanks in advance.

0 Kudos
Reply
10 REPLIES 10
Chris_L1
Advisor

‎10-03-2017 04:41 AM - edited ‎10-03-2017 04:43 AM

‎10-03-2017 04:41 AM - edited ‎10-03-2017 04:43 AM

Re: OneView Certificate Error

Note:  We are also running Global Dashboard ver. 1.20 and this appliance shows as "Failed" in the GD.  We had the same error previously and could not remove it from GD so we rebuilt the GD and tried to re-add it.  It is currently NOT in the GD.

0 Kudos
Reply
ChrisLynch
HPE Pro

‎10-03-2017 06:45 AM

‎10-03-2017 06:45 AM

Re: OneView Certificate Error

You need to regenerate the SCMB certificate.  Use the Remote-HPOVScmbCertificate and then the Get-HPOVScmbCertificates Cmdlets.


I am an HPE employee

Accept or Kudo

0 Kudos
Reply
Chris_L1
Advisor

‎10-11-2017 08:39 AM

‎10-11-2017 08:39 AM

Re: OneView Certificate Error

Still having the issue - I get the following error:

Get-HPOVScmbCertificates : The requested resource '/rest/certificates/client/rabbitmq/keypair/default' could not be found. Please supply a valid and unique common name and try again.

on anything I try - this includes giving a specific location, using "-AsSecureString", not using "-AsSecureString" or just a simple "Get-HPOVScmbCertificates" command.  Looking for the next step and have tapped my resources here..

Thanks

0 Kudos
Reply
ChrisLynch
HPE Pro

‎10-11-2017 08:45 AM

‎10-11-2017 08:45 AM

Re: OneView Certificate Error

Hmm... I just tested this with a 3.10 appliance with the current 3.10 library and did not get the exception message you did.  Can you go to http://github.com/HewlettPackard/POSH-HPOneView/issues and open a new issue there so we can triage?


I am an HPE employee

Accept or Kudo

0 Kudos
Reply
Chris_L1
Advisor

‎10-11-2017 10:47 AM

‎10-11-2017 10:47 AM

Re: OneView Certificate Error

Requested GitHub issue #295 has been posted.

0 Kudos
Reply
micke_christen
Advisor

‎01-17-2018 11:10 PM

‎01-17-2018 11:10 PM

Re: OneView Certificate Error

Did you solve this?

I have seen this problem just now.

/Mikael

Micke_Christenson
0 Kudos
Reply
ChrisLynch
HPE Pro

‎01-18-2018 07:03 AM

‎01-18-2018 07:03 AM

Re: OneView Certificate Error

After doing some research on this topic, it appears that this happens with an appliance that has been upgraded multiple time from prior versions and that this is actually the SCMB certificate.  So, the advice here is to remove and regenerate the SCMB certificates.

You can do this with the PowerShell library:

  1. Remove-HPOVScmbCertificate
  2. then Get-HPOVScmbCertificate

I am an HPE employee

Accept or Kudo

0 Kudos
Reply
Bart_Heungens
Honored Contributor

‎03-01-2018 08:47 AM

‎03-01-2018 08:47 AM

Re: OneView Certificate Error

Hi Chris,

 

When executing the Remove-HPOVScmbCertificate command I get follwing error:

Remove-HPOVScmbCertificate : The operation has timed out
At line:1 char:1
+ Remove-HPOVScmbCertificate
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Remove-HPOVScmbCertificate], WebException
    + FullyQualifiedErrorId : WebException,Remove-HPOVScmbCertificate

I have the latest POSH libraries installed... Any idea?

 

Kr,

Bart

--------------------------------------------------------------------------------
If my post was useful, clik on my KUDOS! "White Star" !
Reply
HunterT
Frequent Visitor

‎04-09-2018 07:28 AM

‎04-09-2018 07:28 AM

Re: OneView Certificate Error

I receive the same error as well when running the "Remove-HPOVScmbCertificate" command.  Our environment has been upgraded to the latest version, all the from 1.2 when we originally installed.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.