VPLEX: Execution of security configure-certificate command fails with an error "Is a directory"


   Article Number:     530207                                   Article Version: 2     Article Type:    Break Fix 




VPLEX Series,VPLEX GeoSynchrony 5.5,VPLEX GeoSynchrony 6.0,VPLEX GeoSynchrony 6.1,VPLEX Metro,VPLEX VS2,VPLEX VS6,VPLEX Local





'security configure-certificate' command execution fails with an error "Is a directory" as shown below :   

        VPlexcli:/> security configure-certificates       
          security configure-certificates:  Evaluation of <<security configure-certificates>> failed.       
          cause:                            Command execution failed.       
          cause:                            21       
          cause:                            Is a directory
    Errors seen in the client log :   
      2018-08-08 19:37:37,770 INFO  [Thread-57] service_localhost_T20810: security configure-certificates       
        2018-08-08 19:37:37,771 INFO  [Thread-57] audit: security configure-certificates       
        2018-08-08 19:37:37,892 ERROR [DefaultCommandHandler-Thread-3] security configure-certificates: Failed to configure certificates: Validation error: Certificates already present in the system.                    Delete old certificates before configuring the system with                    new certificates.       
        2018-08-08 19:37:37,967 ERROR [DefaultCommandHandler-Thread-3] ConfigureCertificatesCmd: 21       
        Traceback (most recent call last):       
          File "/opt/emc/VPlex/jython2.7b4/LibExt/yyapi.py", line 322, in _execute       
            result = self._execute_(shell,context,args)       
          File "/opt/emc/VPlex/jython2.7b4/LibExt/AutoBundles/prodscripts.jar/configureCertificates.py", line 148, in _execute_       
          File "/opt/emc/VPlex/jython2.7b4/LibExt/AutoBundles/prodscripts.jar/configureCertificates.py", line 241, in restore       
          File "/opt/emc/VPlex/jython2.7b4/LibExt/AutoBundles/prodscripts.jar/configureCertificates.py", line 656, in cleanup       
          File "/opt/emc/VPlex/jython2.7b4/LibExt/AutoBundles/prodscripts.jar/configureCertificates.py", line 675, in _deleteFilesInDir       
          File "/opt/emc/VPlex/jython2.7b4/LibExt/AutoBundles/prodscripts.jar/configureCertificates.py", line 652, in _removeFile       
        OSError: [Errno 21] Is a directory: '/etc/ipsec.d/cacerts/save' 






A manual creation of a folder named 'save' that was created under /etc/ipsec.d/cacerts/ interfered with the checks required for security certificates renewal procedure.                                                           






Step 1 : Login to VPLEX management server using the 'service' account credentials.   

      login as: service       
        Using keyboard-interactive authentication.       
    Step 2 : Navigate to the path /etc/ipsec.d/cacerts/ and check for a folder called 'save'.   
      service@vplex01:~> cd /etc/ipsec.d/cacerts/       
        service@vplex01:/etc/ipsec.d/cacerts> ll save
    Step 3 : Delete the file with the name 'save'.   
      service@vplex01:/etc/ipsec.d/cacerts> rm -rf save   
    Step 4: Navigate to the VPlexcli and run the command  'security configure-certificates' again and check if command executed successfully.   
      VPlexcli:/> security configure-certificates   
    Step 5 : If the command still fails contact Dell-EMC Customer Support and mention this article.                                                           






Note : Please make sure to delete the old certificates before executing the security configure-certificate command with the command as follows :   

       service@vplex01:~> rm /etc/ipsec.d/*/*pem*