When attempting to access the NSX UI, a certificate error is returned : {"module_name":"common-services","error_message":"Internal server error has occurred.","details":"Client certificate not found in trust store","error_code":99}
Article ID: 386719
Updated On:
Products
Issue/Introduction
- A pop up for certificate selection appears when accessing NSX UI.
- Selecting any certificate from the pop up will result in UI becoming inaccessible due to internal server error.
- You may see the following errors in the following log file /var/log/proxy/reverse-proxy.log
2023-06-29T17:08:39.936Z WARN Processing request ########-####-####-####-########0b91 RequestHandlerFactory 8376 - [nsx@6876 comp="nsx-manager" level="WARNING" subcomp="http"] Client certificate 'CN=####, OU=####, OU=####, OU=####, DC=####, DC=####, DC=####, DC=####' not found in trust store2023-06-29T17:08:39.938Z ERROR http-nio-127.0.0.1-6565-exec-2070 ExceptionUtils 8376 - [nsx@6876 comp="nsx-manager" errorCode="MP98" level="ERROR" subcomp="http"] Uncaught exceptionjava.lang.RuntimeException: Client certificate not found in trust store at com.vmware.nsx.management.rp.RequestHandlerFactory.isUnifiedAppliance(RequestHandlerFactory.java:70) ~[libreverse-proxy-compile.jar:?] at com.vmware.nsx.management.rp.PreAuthenticationProxyFilter.doFilter(PreAuthenticationProxyFilter.java:67) ~[libreverse-proxy-compile.jar:?]
Environment
VMware NSX
Cause
The client computer's trust store has a certificate with same subject name as one of the Local Managers/Global Managers certificate
Resolution
This is a known issue impacting VMware NSX
Workaround:
When the browser asks to select a certificate to continue logging onto the system, click cancel, instead of attempting to select a certificate.
Then proceed to login normally and you should not get presented with this message now.
Remove certificate from your computer's trust store if this is not required.
Feedback
