HCX failed to deploy NE and reported error message "PKIX path building failed"

search cancel

HCX failed to deploy NE and reported error message "PKIX path building failed"

book

Article ID: 311832

calendar_today

Updated On:

Products

VMware HCX

Issue/Introduction

HCX failed to deploy NE and reported error message below when resyncing the service mesh

Validate RemoteService Mesh failed. Interconnect Service Workflow ValidateRemoteServiceMesh failed. Error: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuildingException: unable to find valid certification path to requested target.

Environment

VMware HCX

VMware NSX (NSX-T)

Cause

This issue can occur if there is a change in NSX-T manager cert.

Resolution

1. Check the NSX-T manager sha256 cert fingerprint via web browser

2. Navigate to the HCX Manager Admin UI page (https://<HCX-IP>:9443) > Administration > Certificate > Trusted CA Certificate. Verify the trusted NSX-T manager cert is correct.

If there is a change in NSX-T manager cert recently, re-import the newly updated NSX Manager certificate following the steps described here : Import Trusted CA Certificate.

Feedback

thumb_up Yes

thumb_down No