Cannot upload MC image to upgrade it.

book

Article ID: 171749

calendar_today

Updated On:

Products

Director

Issue/Introduction

Upgrading the Management Center (MC) v 1.11.x to a newer version. The protocols supported for this are HTTP and HTTPS. 

Choosing HTTPS schema returns an error.

Management Center# installed-systems add https://1.1.1.1/uploads/bccm_2_0-219045.bcsi

Enter server username (optional): username
Enter server password: password
Download URL:       https://1.1.1.1/uploads/bccm_2_0-219045.bcsi
Downloaded bytes:   0
Download failed (connection error or malformed URL)

Cause

The SSL handshake failed as the server certificate validation has failed.

The server certificate is either:

  • Not trusted
  • Self-signed
  • Uses incorrect/missing chain
  • Has an incorrect CN.

Resolution

As an immediate workaround, you can use HTTP in the upload command. This implies that you need an HTTP server to host the file.

To fix the server certificate error do a packet capture on the server and find out which of the above causes the SSL handshake to fail.

Follow Create a signed certificate for the management interface in Management Center (MC) to upload the missing certificates in the chain (Step 7).

Additional Information

Note: You can host the image on Management Center, however you will run into the same issue unless you enable HTTP access to Management Center,

(config)# security http enable

Then upload the image to Management Center as a file, change it's file type accordingly and change the url to the format http://mc ip:8080/image

Be aware enabling HTTP access is a security risk.