To resolve this issue, update the IP address, certificate and thumbprint of the NSX Intelligence appliance.
For example, as part of deployment, NSX Intelligence appliance is deployed and registered with NSX Manager (IP: 10.10.0.10, thumbprint: old_t, node certificate: old_c)
Now if this NSX Manager appliance is deleted or its IP/node certificate changed, you need to update the NSX Intelligence appliance with the new or changed NSX Manager appliance information.
- Collect NSX Manager appliance information.
- Pick an NSX Manager IP from the UI and login via SSH to the node as admin user.
- Get the node certificate by executing the following command on nsx-cli:
For example:
nsxmanager-1> get certificate api
-----BEGIN CERTIFICATE-----
..cert snipped...
-----END CERTIFICATE-----
- Get the thumbprint of the certificate using this command:
For example:
nsxmanager-12> get certificate api thumbprint
thumbprint_of_the_cert_printed_here
- Update the information on NSX Intelligence node.
- Log in to NSX Intelligence node via SSH as admin user.
- Update the IP and Certificate thumbprint using this command:
For example:
intelligence-cli> update intelligence manager node host-ip-addr 10.10.0.10 cert-thumbprint thumbprint_of_the_cert_printed_here
- Update the NSX Manager node certificate on NSX Intelligence using this command:
For example:
intelligence-cli> update intelligence manager node certificate <certificate-from-step1.2-in base64-format>
- Optional steps required in certain scenarios:
- If the above steps were performed during or after upgrade from NSX Intelligence version 1.0.0, update the NSX UA cluster certificate stored on NSX Intelligence.
- Get cluster certificate from NSX UA. Call the API on NSX Manager:
https://{{nsx_ua_server}}/api/v1/trust-management/certificates?type=cluster_api_certificate
- Get the cluster certificate pem_encoded field in base64 format:
echo -e "<value_of_pem_encoded_from_json_response>" | base64
LS0tL...snipped...S0KCg==
- Update the certificate information on NSX Intelligence:
For example:
intelligence-cli> update intelligence manager cluster certificate <certificate-from-step3.1.2-in base64-format>
- Restart proxy on NSX Intelligence with this command:
restart service http
- If the above steps were performed during or after upgrade, also restart the nsx-config service on NSX Intelligence appliance using this command:
restart service nsx-config
- After waiting for a brief period of time post service restart - refresh your browser to ensure NSX Intelligence UI features are (re)loaded.