If customer is using a CA signed certificate for their API service.
 

Support bundle generation from NSX UI fails with the following error:



Under syslogs you will see the API call being made by NSX for support bundle generation fail followed by DNS lookup failure.

2023-11-29T04:05:45.120Z nsxmgr-03 NSX 1620 - [nsx@6876 comp="nsx-manager" subcomp="node-mgmt" username="admin" level="INFO" audit="true"] admin 'POST /api/v1/administration/support-bundles?action=collect&require_delete_or_override_async_response=true --- New value: {"nodes": ["XXXXXXXXXX"], "content_filters": ["DEFAULT"], "log_age_limit": 1}' 202 738 "https://X.X.X.X/nsxmanager/index-ext.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 0.010564


2023-11-29T04:05:45.363Z nsxmgr-03 NSX 1620 - [nsx@6876 comp="nsx-manager" subcomp="node-mgmt" username="root" level="WARNING" invalid="true"] Reverse DNS lookup failed. output = Host X.X.X.X not found: 3(NXDOMAIN)#012, rc = 1 , err =
2023-11-29T04:05:45.366Z nsxmgr-03 NSX 1620 - [nsx@6876 comp="nsx-manager" subcomp="node-mgmt" username="root" level="WARNING"] FQDN is required but cannot be resolved from IP address x.x.x.x

support bundle feature logs the following in var/log/nvpapi/api_server* when the reverse lookup fails:

2023-11-29T06:58:58.000Z napi.root.administration.support_bundles.__self__ WARNING FQDN is required but cannot be resolved from IP address x.x.x.x

Customer will need to define the A Record and PTR record for the managers on their DNS servers.

Workaround:
Customers will still be able to collect support bundles via CLI using get support-bundle <file>

Impact/Risks:
If DNS entries are not defined correctly the support bundle collection will fail from NSX UI.