Getting these errors in the VCS Control log. information has been changed to protect the innocent.
All ports are allowed between the Control and Express.
The TLS Zone between the two show as active.
What is the cause of this issue?
2014-09-30T14:24:43-07:00
portforwarding: Level="ERROR" Detail="Client control socket open failed" forwarding="localhost:8191:localhost:8192" host="vcse01.abc.com" id="31e6ca07-48e8-11e4-a492-0010f31ed774" retcode="255" err="ssh_x509store_cb: subject='C=US,...', error 20 at 0 depth lookup:unable to get local issuer certificate ssh_verify_cert: verify error, code=20, msg='unable to get local issuer certificate' key_verify failed for server_host_key " UTCTime="2014-09-30 21:24:43,537"
What kind of zone is this? Traversal? Do you have TLS verify? Basically its complaining that the peer address that is configured is not present in the certificate that is being presented. I would change the peer address to be a FQDN and the subject verify name to be the same FQDN.
It is a Unified Communications traversal between VCSC and VCSE.
I was using the host name instead of the cluster name in the zone. I changed it, because I believe the cluster name is in the certificate. But still getting the error.
