Forum Discussion

kc3's avatar
kc3
Level 2
2 years ago

Certificate Expiration

I have a legacy HA system running Cluster Server 6.1. For a non-priviliged user, hastatus -summary is suddenly returning "VCS ERROR V-16-1-53006 Unable to Connect to VCS engine correctly". I suspect the issue is an expired certificate (its been around 8 years) but I don't know which one. The broker, root, and vcsroot certs are not expired (vssat showcred). There are multiple VCS certificates in /var/VRTSvcs/vcsauth/data/ but the manuals don't explain what they are used for. Any idea what cert this could be? Also, can individual certificates, such as CmdServer, be reissued using openssl or is it necessary to go through the entire install process to generate new certificates? Thanks for any insight....

    • kc3's avatar
      kc3
      Level 2

      Thanks for the response. By non-privileged I mean non-root and non cluster-admin. The system has a cluster-admin user configured and it has no problem and neither does root. I agree that your solution is a good one and will work - or I can add the user to sudoers. I guess I'm trying to figure out why after many years, hastatus -summary stopped working for this non-root, non cluster-admin, user. It lines up with the 8-year default limit on VCS certs cited in the administrators manual so I was thinking its one of the VCS certs used for secure mode.