Search the VMware Knowledge Base (KB)
View by Article ID

“Validation is enabled; SSL transport factory requires a valid certfile to be specified” error when logging in to Cassandra (2150349)

  • 0 Ratings

Symptoms

  • Logging into Cassandra fails.
  • You see the error similar to:

    Validation is enabled; SSL transport factory requires a valid certfile to be specified. Please provide path to the certfile in [ssl] section as 'certfile' option in /usr/lib/vmware-vcops/user/conf/cassandra/cqlshrc (or use [certfiles] section) or set SSL_CERTFILE environment variable.

  • The $VCOPS_BASE/user/conf/cassandra/cqlshrc file has missing or no configuration.
  • The /storage/vcops/log/cassandra/check.admin.log file contains errors similar to:

    localhost:/storage/vcops/log/cassandra # $ALIVE_BASE/cassandra/apache-cassandra-2.1.8/bin/cqlsh --ssl --cqlshrc $ALIVE_BASE/user/conf/cassandra/cqlshrc
    Validation is enabled; SSL transport factory requires a valid certfile to be specified. Please provide path to the certfile in [ssl] section as 'certfile' option in /usr/lib/vmware-vcops/user/conf/cassandra/cqlshrc (or use [certfiles] section) or set SSL_CERTFILE environment variable.
    2017-05-31 10:58:42,270 INFO vmware.vcops.cassandra.check#_are_enough_nodes_up:214 - Total nodes up=1, total nodes required=1
    2017-05-31 10:58:42,272 ERROR vmware.vcops.cassandra.check#<module>:558 - Find more details in:  /usr/lib/vmware-vcops/user/log/cassandra/check.admin.log
    2017-05-31 11:05:32,262 INFO vmware.vcops.cassandra.check#wait_for_cassandra:437 - No retry timeout set; will retry checking Cassandra status until the minimum required number of nodes are up

Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.


Cause

The configuration in $VCOPS_BASE/user/conf/cassandra/cqlshrc is required to log into Cassandra.

This issue occurs if there is missing or no configuration in vRealize Operation Manager 6.1 and later.

Resolution

To resolve the issue the configuration in $VCOPS_BASE/user/conf/cassandra/cqlshrc must be set correctly.

  1. Log in to the affected analytics node as root via SSH or console.
  2. Run this command to get the Cassandra user password and note the output.

    sed -nre 's/^cassandra\.user\.password\=\s*(.*)$/\1/p' /usr/lib/vmware-vcops/user/conf/persistence/persistence.properties

  3. Open $VCOPS_BASE/user/conf/cassandra/cqlshrc file using a text editor.
  4. Copy and paste these lines into the file:

    [connection]
    hostname = 127.0.0.1
    port = 9042
    client_timeout = 120

    [authentication]
    username = vcops_user
    password = encrypted_password

    [ssl]
    certfile = /storage/vcops/user/conf/ssl/web_chain.pem
    usercert = /storage/vcops/user/conf/ssl/web_cert.pem
    userkey = /storage/vcops/user/conf/ssl/web_key.pem
    validate = true


    Note: Replace encrypted_password with the password found in step 2.

    Example: password = nA1EryqYPn58V5+0MLqiZ6al

  5. Save and close the file.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 0 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 0 Ratings
Actions
KB: