This article provides information on how to recover from a wrong manager node IP address after using an invalid IP address while using CLI to change manager node certificate.

Symptoms:
When you add a manager node certificate CLI with a wrong IP address, you experience these symptoms:

• The NSX Intelligence node fails the detection of invalid IP address.
• Running the get intelligence manager-version command results in an error which indicates that the connection to the NSX Manager is broken,
• In the /var/log/pace-server.log file, you see entries similar to:
  
  2020-07-22 11:25:49,133 ERROR c.v.n.p.o.OperationalApiImpl [http-nio-127.0.0.1-7447-exec-10] NSX-INTELLIGENCE [nsx@6876 comp="nsx-intelligence" errorCode="XXX910027" level="ERROR" subcomp="manager"] Exception during NSX node connectivity check org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://##.##.##.##/api/v1/node/version": Connect to ##.##.##.##:443 [/##.##.##.##] failed: Connection timed out (Connection timed out); nested exception is org.apache.http.conn.HttpHostConnectException: Connect to ##.##.##.##:443 [/##.##.##.##] failed: Connection timed out (Connection timed out).
  
  Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.

VMware NSX-T Data Center 3.x
VMware NSX-T Data Center

This issue occurs due to current architecture design, as the NSX Intelligence node is not able to know all the IP addresses of the NSX manager nodes.

This is a known issue affecting VMware NSX Intelligence 1.2.0.

Currently, there is no resolution.

Workaround:
To work around this issue, set the manager to the correct manager node address by running this command:

set intelligence manager-node <ip-address> cert-id <cert-id> cert-b64-encoded-pem LS0tL...CRUdJT.