question

Yash-7714 avatar image
0 Votes"
Yash-7714 asked lennongeng-9550 published

Problems in registering azure stack hci cluster with Azure.

Hello Experts,

I have deployed a 2 node Azure stack HCI cluster on HPE servers, The cluster is healthy and I have HCI enabled on my Azure subscription.

When I am trying to register the Cluster with Azure it is failing and here's the snippet from log.

VERBOSE: Command [ New-AzureADApplicationKeyCredential -ObjectId $ObjectId -Type AsymmetricX509Cert -Usage Verify -Value $CertBase64 -StartDate $now -EndDate $Cert.NotAfter] succeeded. Non null result received.
VERBOSE: Command [ Get-AzureADApplicationKeyCredential -ObjectId $ObjectId | where {​​​​​​​($.KeyId -eq $appCredential.KeyId)}​​​​​​​ ] succeeded. Non null result received.
PS>TerminatingError(): "The running command stopped because the preference variable "ErrorActionPreference" or common parameter is set to Stop: Failed to validate and set registration certificate."
DEBUG: Exception occured in Set-AzureStackHCIRegistrationCertificate. ErrorMessage : Failed to validate and set registration certificate.
DEBUG: Failed to validate and set registration certificate.
**
VERBOSE: Command [ New-AzureADApplicationKeyCredential -ObjectId $ObjectId -Type AsymmetricX509Cert -Usage Verify -Value $CertBase64 -StartDate $now -EndDate $Cert.NotAfter] succeeded. Non null result received.
VERBOSE: Command [ Get-AzureADApplicationKeyCredential -ObjectId $ObjectId | where {​​​​​​​($
.KeyId -eq $appCredential.KeyId)}​​​​​​​ ] succeeded. Non null result received.
PS>TerminatingError(): "The running command stopped because the preference variable "ErrorActionPreference" or common parameter is set to Stop: Failed to validate and set registration certificate."
DEBUG: Exception occured in Set-AzureStackHCIRegistrationCertificate. ErrorMessage : Failed to validate and set registration certificate.
DEBUG: Failed to validate and set registration certificate.
PS>TerminatingError(Register-AzStackHCI): "The running command stopped because the preference variable "ErrorActionPreference" or common parameter is set to Stop: Failed to register. Couldn't generate self-signed certificate on node(s) . Couldn't set and verify registration certificate on node(s) HCI01,HCI02. Make sure every clustered node is up and has Internet connectivity (at least outbound to Azure)."
Register-AzStackHCI : Failed to register. Couldn't generate self-signed certificate on node(s) . Couldn't set and
verify registration certificate on node(s) HCI01,HCI02. Make sure every clustered node is up and has Internet


Note: I have validated internet connectivity and I am using global administrator account


Any help would be appreciated.






azure-stack-hubazure-stack-hci
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

lennongeng-9550 avatar image
0 Votes"
lennongeng-9550 answered lennongeng-9550 published

@TrentHelms-MSFT
How can i remove all certificates on the node??

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

TrentHelms-MSFT avatar image
0 Votes"
TrentHelms-MSFT answered

Hi @Yash-7714,

Based on the error, it sounds like there is an issue with a certificate that is being found on the node during the registration process. It is possible that a certificate that is being published automatically on your domain is interfering with this process. Can you try removing all certificates from the node then trying the registration process again? This should allow the self-signed registration certificate to be generated and used for this process.

You can also get more information on the actual failure by enabling the Microsoft-AzureStack-HCI/Debug event logs, retrying the registration then pulling and reviewing the debug logs. If you need assistance with this, you may want to consider opening a support ticket.

Just for information, the final error is very generic and appears regardless of the actual cause of the registration failure. You can verify internet connectivity by running Test-AzStackHCIConnection. If this returns as 'Succeeded', connectivity should be fine.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.