Error Message

# systemctl status vxfen

VXFEND: make_realtime(): Failed to make vxfend a real time process

# cpsadm -s  -a list_nodes

None of the SSL certificates found in directory /var/VRTSvxfen/security/certs/ could be used to successfully connect to #.#.#.#

Method 1

Install the latest VRTScps on all of the client servers and the CP server. This will bring all servers to TLS 1.2.

Method 2

Remove or comment the line which directs CP clients to use only TLSv1.2, from the file /etc/vxcps_ssl.properties until all the CP servers and clients are patched with VRTScps.

• # openSSL.server.requireTLSv1_2 = true

Lastly restart VCS on CP servers and vxfen on client servers. Alternatively reboot the servers.

This issue occurs due to a mismatch of TLS versions (v1.0 and v1.2 ) between the Coordination Point (CP) Server and the clients. This mismatch typically happens if patching VRTScps to a version where TLS 1.2 is introduced, but the patches have not been installed on all servers (CP and clients).

A manual configuration change in /etc/vxcps_ssl.properties can also cause this, if the TLS versions differ on the systems. 

Ensure that the TLS versions match. This can be done using the following two methods: