NSX-T restore from backup fails with a certificate validation error
book
Article ID: 324215
calendar_today
Updated On:
Products
VMware NSX
Issue/Introduction
NSX-T 3.0.x
On initiating a restore from backup, the restore may fail reporting a certificate validation error similar to
Restore from backup process failed. Error while restoring certificates.
Error while updating tomcat certificate <UUID> failed. Certificate validation failed.
There may be different failure reasons, for example
Certificate was not verifiably signed
Certificate does not verify with supplied key
CRL check failed: No CDP specified in the certificate
Environment
VMware NSX-T Data Center 3.x
Cause
A certificate validation checks runs during the restore process. Sometimes this may result in a validation failure. Since certificates on a running system have already been validated, there should be no certificate validation during the restore process.
Resolution
This issue has been resolved in NSX-T Data Center 3.1.0
Workaround: If you are experiencing this issue in a DR restore scenario, please contact Broadcom Support and refer to this KB.