Adding NSX on VMC Data Source in Aria Operations for Networks fails with "Invalid Credentials"
search cancel

Adding NSX on VMC Data Source in Aria Operations for Networks fails with "Invalid Credentials"

book

Article ID: 384607

calendar_today

Updated On:

Products

VMware Aria Operations for Networks

Issue/Introduction

  • API token is generated with the correct roles and permissions.
  • Data Source is added using the following steps
  • Adding Data Source fails with "Invalid Credentials"
  • API logs on the Platform shows the following Validate Credentials API returning 200

/var/log/arkin/restapiplayer
<timestamp> INFO resources.licenseUsageEnforcement.LicenseUsageEnforcementService dw-285035 - POST /management/validateCredentials isAllAccessBlocked:285 No universal usage enforcement record found while checking access blocked for cid 10265
<timestamp> INFO restapilayer.helper.UIContractProcessor dw-285035 - POST /management/validateCredentials from:86 Processing is not needed for ds POLICYMANAGER
<timestamp> INFO resources.customer.CustomerService dw-285035 - POST /management/validateCredentials getTransport:852 getTransport(10265, POLICYMANAGER)
<timestamp> INFO vnera.restapilayer.SaaSCommunicationHelper dw-285035 - POST /management/validateCredentials getSaaSHost:202 Got Host from KeyVal:aria-networks-platform
<timestamp> INFO vnera.restapilayer.ManagementResource dw-285035 - POST /management/validateCredentials validateCredential:562 ManagementResource - validate Cred
<timestamp> INFO vnera.restapilayer.ManagementResource dw-285035 - POST /management/validateCredentials validateCredential:569 validateCredential took:769
<timestamp> INFO jetty.server.Slf4jRequestLogWriter dw-285035 write:62 127.0.0.1 - - [05/Dec/2024:12:12:03 _0000] "POST /management/validateCredentials HTTP/1.0" 200 90 "https://<IP>/" "Mozilla/5.0 (Windows NT 10.0_ Win64_ x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 895

  • SAAS logs on the Platform shows connection reset on console.cloud.vmware.com:443

/var/log/arkin/saasservice/saasservice.STDOUT-<timestamp>.log.error
[TIMESTAMP] INFO impl.execchain.RetryExec dw-242253 - POST /resttosaasservlet execute:97 I/O exception (java.net.SocketException) caught when processing request to {s}->https://console.cloud.vmware.com:443: Connection reset
[TIMESTAMP] INFO impl.execchain.RetryExec dw-242253 - POST /resttosaasservlet execute:113 Retrying request to {s}->https://console.cloud.vmware.com:443
[TIMESTAMP] org.bouncycastle.jsse.provider.ProvTlsClient notifyAlertRaised
WARNING: Client raised fatal(2) internal_error(80) alert: Failed to read record
java.net.SocketException: Connection reset
        at java.base/java.net.SocketInputStream.read(SocketInputStream.java:186)
        at java.base/java.net.SocketInputStream.read(SocketInputStream.java:140)
        at org.bouncycastle.tls.RecordStream$Record.fillTo(RecordStream.java:367)
        at org.bouncycastle.tls.RecordStream$Record.readHeader(RecordStream.java:406)
        at org.bouncycastle.tls.RecordStream.readRecord(RecordStream.java:170)
        at org.bouncycastle.tls.TlsProtocol.safeReadRecord(TlsProtocol.java:785)
        at org.bouncycastle.tls.TlsProtocol.blockForHandshake(TlsProtocol.java:398)
        at org.bouncycastle.tls.TlsClientProtocol.connect(TlsClientProtocol.java:86)
        at org.bouncycastle.jsse.provider.ProvSSLSocketWrap.startHandshake(ProvSSLSocketWrap.java:611)
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
        at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409)
        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)
        at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)
        at java.base/java.lang.Thread.run(Thread.java:829)

  • Connectivity from Platform to Cloud Console fails

openssl s_client -connect console.cloud.vmware.com:443

socket: Connection refused
connect:errno=111

 

 

 

Environment

VMware Aria Operations for Networks

Resolution

Ensure the required ports are open: Firewall Config