GM UI showing error Unable to fetch TransportZoneListResultDto List from NSX, enforcement point default
search cancel

GM UI showing error Unable to fetch TransportZoneListResultDto List from NSX, enforcement point default

book

Article ID: 322516

calendar_today

Updated On:

Products

VMware NSX Networking

Issue/Introduction

Symptoms:
  • You're running NSX federation
  • You're attempting to either onboard a site.
  • You observe error similar to the below on the UI
Screenshot_707.png
  • You observe the following entries in the Global Manager under /var/log/gmanager/gmanager.log
...
yyyy-mm-ddThh:mm:ss <gloabl-manager-fqdn> NSX 12556 SYSTEM [nsx@6876 comp="global-manager" errorCode="MP100" level="ERROR" subcomp="global-manager"] I/O error on GET request for "https://<nsx-magaer-ip>/api/v1/cluster/backups/overview": readHandshakeRecord; nested exception is javax.net.ssl.SSLException: readHandshakeRecord
...
yyyy-mm-ddThh:mm:ss <gloabl-manager-fqdn> NSX 12556 SYSTEM [nsx@6876 comp="global-manager" errorCode="MP100" level="ERROR" subcomp="global-manager"] I/O error on GET request for "https://<nsx-magaer-ip>/api/v1/cluster/backups/overview": Connection reset; nested exception is javax.net.ssl.SSLException: Connection reset
...
  • You have expiring certificates in one or more of the onboarded federation sites which can be verified either from the NSX UI via System > Settings > Certificates or if you observe the following entry under /var/log/proton/nsxapi.log
<date-time-02> ERROR http-nio-127.0.0.1-7440-exec-15 CertificateUtil 4265 SYSTEM [nsx@6876 comp="nsx-manager" errorCode="MP2002" level="ERROR" reqId="<uuid>" subcomp="manager" username="admin"] Certificate expired, current date should not be after <date-time-01>

Where <date-time-02> is after <date-time-01>


Environment

VMware NSX-T Data Center

Cause

Onboarding of a site requires synchronization with the rest of the sites, the synchronization would fail if there are any expired certificates in the environment. Note, it is important to check on all Local Managers and all Global manager for expired certificates.

Resolution

Please make sure that all the certificates in the federation setup are valid to avoid this issue. If you have expired certificates please follow the document Replace Certificates to keep the certificates up to date.