Diego Databse (BBS) NCP (NSX Container Plugin) fails with ClientCertificateNotTrusted errors
search cancel

Diego Databse (BBS) NCP (NSX Container Plugin) fails with ClientCertificateNotTrusted errors

book

Article ID: 388892

calendar_today

Updated On:

Products

VMware Tanzu Application Service

Issue/Introduction

Diego Database and Diego Cells are intermittent reporting FAIL'ing status.

ncp.err.log on diego database reports errors: 

_raise_http_exception_if_needed
    raise exc
vmware_nsxlib.v3.exceptions.ClientCertificateNotTrusted: Certificate not trusted

This error may happen on Tanzu Platform Cloud Foundry environments utilizing the NSX-T Container Plugin tile.

Resolution

The NSX Client Certificate needs rotation.

Follow the steps outlined in NSX Install Guide to configure a new client certificate -

  1. Click the VMware NSX-T tile.
  2. Enter the address of the NSX Manager
  3. Select the method for NSX Manager authentication.
Option Action
Client Certificate Authentication Provide the certificate and private key for NSX Manager

     

     

    Powered by Wolken Software