NSX Manager UI certificate replacement fails with error 2190 "TRANSPORT_NODE_ONBOARDING_IN_PROGRESS"
search cancel

NSX Manager UI certificate replacement fails with error 2190 "TRANSPORT_NODE_ONBOARDING_IN_PROGRESS"

book

Article ID: 412945

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • NSX Manager certificate replacement fails through UI or Batch API replacement.

  • The following error is observed when attempting to replace the certificate:

A certificate batch replace operation cannot be started at this time because conflicting operations are running: TRANSPORT_NODE_ONBOARDING_IN_PROGRESS. Try again later. (Error code: 2190)

Error screenshot as seen from NSX UI > System > Certificates > Select the certificates you want to replace > Actions > Replace Certificates :


Environment

VMware NSX

Cause

An alarm is triggered during certificate replacement if any Transport Node is in a non-healthy state, such as HOST_DISCONNECTED or INSTALL_FAILED.

Resolution

This is a condition that may occur in a VMware NSX environment.

It is recommended to:

  • Identify any stale or disconnected ESXi transport nodes in the NSX inventory.
  • Rectify any host related errors
  • Reattempt the NSX Manager UI certificate replacement from GUI or API.
  • Verify success of replacement and NSX Manager accessibility.

    If "Replace Certificate" option from an expired certificate is giving Batch Replace error, "Apply Certificate" for the respective service from new certificate can be attempted.

    Also, the certificate can be replaced without using the batch replace process by replacing the certificate for each API/VIP service. Beginning with Step 1 in the following document
    Replace Certificates Through API
Powered by Wolken Software