Symptoms:
Symptoms
In the cross-vCenter NSX Environment, you experience these symptoms:
- Creating an universal object fails on the secondary NSX Manager.
- Certificate was changed on the secondary NSX Manager.
- In the replicator.log file, you see an error similar to:
ERROR pool-4-thread-1 SecondaryReplicationQueue$SecondaryEventDispatcher:151 - Failed to handle event ReplicationEvent [objectId=null, objectType=VirtualWire, eventType=FULL_SYNC] on secondary 92082c51-738c-41f7-99c5-eb82d1b0d597 com.vmware.vshield.replicator.providers.ReplicatorException:
nsx-replicator-mgmt:160307:REST API invocation error.:org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://xx.xx.xx.xx:443/api/2.0/services/common/query/universal/VirtualWire": com.vmware.vshield.commons.utils.trust.UntrustedCertificateException: ; nested exception is javax.net.ssl.SSLException: com.vmware.vshield.commons.utils.trust.UntrustedCertificateException:
Cause
The primary NSX Manager contains certificate thumbprint for each of the secondary NSX Managers. If a certificate on the secondary manager which is a part of NSX Cluster is changed, the replication is breaks as the certificate thumbprint is different.