Error: Index out of sync, please resync via 'start search resync {0}'. (Error code: 60516)
System is still in uncertain state please reload
VMware NSX-T Data Center 3.x
VMware NSX 4.x
The environment has been upgraded in the past from a version prior to 3.x.
This issue is resolved in VMware NSX-T Data Center 3.2.3.0
This issue is resolved in VMware NSX 4.0.2.0
This issue is resolved in VMware NSX 4.1.1.0
Workaround:
Identify if the system has any certificates using old service types by running the API to list certsGET /api/v1/trust-management/certificates
Check for the "service_types
" field.
Certificates with any of the following service_types will cause this issue
"Node API Certificate"
"MGMT_PLANE_DNE"
"Client Authentication"
"Cluster API Certificate"
If the certificate is in use, make note of the node UUID in the "used_by
" field.
The certificate will first need to be released from the node and then deleted
ssh to any NSX Manager as root user and for each cert curl -k -X POST -H "Content-Type: application/json" -H 'X-NSX-Username:admin' -H 'X-NSX-Groups:superuser' -d '{"node_id":"<NODE_UUID>"}' "http://127.0.0.1:7440/nsxapi/api/v1/trust-management/certificates/<CERT_UUID>?action=release"
curl -k -X DELETE -H "Content-Type: application/json" -H 'X-NSX-Username:admin' -H 'X-NSX-Groups:superuser' "http://127.0.0.1:7440/nsxapi/api/v1/trust-management/certificates/CERT_UUID"
Note: If the certificates are used by a Principle Identity solution such as Tanzu, it may be necessary to delete the associated cluster deployment and redeploy it to free up the problem certificate.