Forum Discussion

Wallace1's avatar
Wallace1
Icon for Nimbostratus rankNimbostratus
Feb 27, 2018

Add HA Pair as GTM Servers

Having issues adding my LTM's as servers on my GTM. This is a closed environment LTM HA Pair and 1 GTM. 1 layer 2 switch that all three devices are attached. When run the utility bigip_add, I am seeing the following in my gtm log:

 

May 10 05:58:35 hw8900-16 err gtmd[16765]: 011ae0fa:3: iqmgmt_ssl_connect: SSL error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (336134278)

 

I had renewed all the device certs and added the device certs to system>device certs> Trusted Device Certificates as well as DNS>glsb>servers>Trusted Server Certificates

 

I am not sure how to move from here. I am using 11.5.4 HF4 tmos version.

 

Thanks,

 

Wallace Branche

 

  • eben's avatar
    eben
    Icon for Nimbostratus rankNimbostratus

    Hi

     

    Do a re-run of bigip_add. That should fix it.

     

    HTH

     

  • Did you add GTM certificate or GTM CA's certificate to "LTM > System > Device certificate > Trusted Device Certificate" ? If I understand correctly the problem is LTMs don't trust in GTM.