Error connecting to NSX IP while configuring NSX-T settings for PKS
search cancel

Error connecting to NSX IP while configuring NSX-T settings for PKS

book

Article ID: 298540

calendar_today

Updated On:

Products

VMware Tanzu Kubernetes Grid Integrated Edition VMware NSX

Issue/Introduction

While configuring NSX certification following the path: Go to Bosh Director tile, select vCenter config, select NSX Networking, select NSX Mode (NSX-T), click NSX CA Cert, tile help says that the field is optional but that is not the case if your NSX-T Manager is using a CA cert trusted or otherwise.

Below error can be seen on the screen 
Please review the errors below
Error connecting to NSX IP: The NSX server is using an untrusted CA cert. Please provide the NSX CA cert
All errors will be reverified before installation.

Environment

VMware NSX-T for Data Center
VMware NSX

Cause

When you configure NSX CA Cert from the following path: go to Bosh Director tile, select vCenter config, select NSX Networking, select NSX Mode (NSX-T), click NSX CA Cert; the certificate under NSX CA Cert is used to authenticate with the NSX-T Manager. If NSX-T manager is using a CA cert and it is not provided in the tile this authentication fails.

Resolution

  1. If the NSX-T manager CA certificate was never generated please follow these steps to generate and register CA cert. 
  2. If the certificate was generated while installing NSX-T using the below command to get the certificate 
    openssl s_client -connect $NSX_MANAGER_IP:443 -showcerts



Powered by Wolken Software