Video Screencast Help

Backup exec cannot establish trust relationship with remote linux agent

Created: 29 Feb 2012 • Updated: 01 Mar 2012 | 4 comments
This issue has been solved. See solution.

I just upgraded from 2010 R2 to R3 (5204). The media server is a Windows 2008.

I also installed Service Pack 2.

One of the main reasons was to get the media server to work with new agents.

So i have installed VRTSralus-13.0.5204-0.x86_64.deb in two Ubuntu/Linux servers, but when trying to connect to those servers i get a message like this (screenshot also attached):

"Backup Exece cannot establish a trust relationship with the remote agent because of a security certificate signing request failure..."

 

I started the "beremote" process in the linux servers with --log-console, and see this in /var/VRTSralus/beremote.service.log

===========================================================================

 

a94f7700 Wed Feb 29 17:54:09 2012 : Control connection accepted : connection established between end-points <agent-ip>:10000 and <media-server-ip>:50146
a7167700 Wed Feb 29 17:54:09 2012 : sslOpen() : Opening SSL for: 0x7f517eadca8f
a7167700 Wed Feb 29 17:54:09 2012 : sslOpen(): certinfo = 0xe0e72e7f ; sslConn = 0xe0ebcb0f
a7167700 Wed Feb 29 17:54:09 2012 : BENetConfigEx: Successfully refreshed adapter information.
a7167700 Wed Feb 29 17:54:09 2012 : ERROR: LookupMSCertificate: 1 or more certificate files don't exist.  They may have been deleted. Failing verification.
a7167700 Wed Feb 29 17:54:09 2012 : ERROR: LookupMSCertificate: media server not found in certificate cache.  Failing verification.
a7167700 Wed Feb 29 17:54:09 2012 : In ndmpdGetLastError:: Callback to get last NDMP Error.
a7167700 Wed Feb 29 17:54:09 2012 : ERROR: ndmpdCertSSLHandshake:  WritePublicKeyToFilePEM for root returned E000A30C
a7167700 Wed Feb 29 17:54:09 2012 : In ndmpdGetLastError:: Callback to get last NDMP Error.
a7167700 Wed Feb 29 17:54:09 2012 : ndmp_readit: Caught message on closed connection. Socket 0x5 len 0x0
a7167700 Wed Feb 29 17:54:09 2012 : ndmp_readit: ErrorCode :: 2 : 0x       2 (2)
a7167700 Wed Feb 29 17:54:09 2012 : FreeFormatEnv( cur_fmt=0 )
a7167700 Wed Feb 29 17:54:09 2012 : FreeFormatEnv( cur_fmt=0 )
a7167700 Wed Feb 29 17:54:09 2012 : sslClose() : Closing SSL for: 0x7f517eadca8f
===========================================================================
 
WritePublicKeyToFilePEM... does it fail to save the media servers certificate perhaps?
 
How do i solve this?
 
The "for more information..." link in the error message just leads to a "No answers found" page.
 
  wbr / Alex

Comments 4 CommentsJump to latest comment

VJware's picture

Make sure the time is synchronized on the linux & the media servers...

Add these servers through an user-defined selection to establish the trust

Backup_Exec's picture

Hi

Check this link to ad trust relation ship

http://www.symantec.com/docs/TECH178418

 

Thanks

Sameer

Don't forget to give a "Thumbs Up" or Mark as "Solution" if someones advice has helped you.

ttlop's picture

The cause seems to have been incorrect installation procedure (on my part).

I had just done "dpkg -i VRTSralus-13.0.5204-0.x86_64.deb", and not used the "installralus" script.

 

Now i used the script and it worked better. A "beoper" group was added, and i can see that a few certificate-related rows were added to /etc/VTRSralus/ralus.cfg.

 

I seem to be able to backup now, and restore:)

I still have a serious issue with duplicated and mangled file names, but thats another thread.

SOLUTION