Backup & Recovery

 View Only
  • 1.  VDP: Failed to attach disk

    Posted Mar 22, 2015 02:15 PM

    I'm evaluating vDP and have got the following trouble. After I changed SSL certificate at vCenter server, vDP jobs are failing permanently.

    In the log I can see that vDP is trying to connect to the hypervisor where the VM is located. During connect disk mount fails with the error "unable to get local issuer certificate".

    I can see that vDP is trying to connect to the port 902. I tried to verify that the certificate is correct using the following command:

    echo -n | openssl s_client -connect $SERVERNAME:$PORTNUMBER | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/$SERVERNAME.cert

    I found that at port 443 certificate is correct, but at port 902 I get the following error:

    140735160738656:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:795:

    $SERVERNAME here is a FDQN of the hypervisor.

    I guess that means that port 902 is not protected with SSL. How can I fix that?

    Update:

    $ echo -n | openssl s_client -connect $SERVERNAME:902

    CONNECTED(00000003)

    140735160738656:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:795:

    ---

    no peer certificate available

    ---

    No client certificate CA names sent

    ---

    SSL handshake has read 7 bytes and written 308 bytes

    ---

    New, (NONE), Cipher is (NONE)

    Secure Renegotiation IS NOT supported

    Compression: NONE

    Expansion: NONE

    ---



  • 2.  RE: VDP: Failed to attach disk

    Posted Mar 27, 2015 03:32 PM

    I installed ESXi+vCenter+vDP from scratch. Backup works in this configuration. Here is what I see at port 902:

    $ echo -n | openssl s_client -connect test-esxi-host-with-self-signed-certs:902

    CONNECTED(00000003)

    140735160738656:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:795:

    ---

    no peer certificate available

    ---

    No client certificate CA names sent

    ---

    SSL handshake has read 7 bytes and written 308 bytes

    ---

    New, (NONE), Cipher is (NONE)

    Secure Renegotiation IS NOT supported

    Compression: NONE

    Expansion: NONE

    ---



  • 3.  RE: VDP: Failed to attach disk

    Posted Mar 27, 2015 07:59 PM

    In file /space/avamarclient/vddkconfig.ini the option that is responsible for SSL checks is disabled. Why does it fail anyway? :smileysad:

    tmpDirectory="/usr/local/avamarclient/var/vmware/temp"

    #transport.LogLevel ( 0 = quiet, 6 = most)

    vixDiskLib.transport.LogLevel=2

    vixDiskLib.disklib.EnableCache=1

    #network file copy options

    #nfc.LogLevel (0 = none, 1 = Error, 2 = Warning, 3 = Info, 4 = Debug)

    vixDiskLib.nfc.LogLevel=2

    #xxxTimeoutMS of 0 is no timeout

    vixDiskLib.nfc.AcceptTimeoutMs=0

    vixDiskLib.nfc.RequestTimeoutMs=0

    vixDiskLib.nfc.ReadTimeoutsMs=0

    vixDiskLib.nfc.WriteTimeoutsMs=0

    vixDiskLib.nfcFssrvr.TimeoutMs=0

    #turn off the the SSL certificat verification

    vixDiskLib.linuxSSL.verifyCertificates=0



  • 4.  RE: VDP: Failed to attach disk

    Posted Feb 22, 2017 10:47 AM

    Hi antonio7

    I had the same problems on a vSphere 5 environment with VDP 6.1.3 and fixed it though re-configuring VDDK on the VDP appliance:

    see http://www.virtuallypeculiar.com/2017/01/vdp-613-esxi-51-compatibility-issues.html

    Hot-Add is now working again.

    Regards,

    jengl