Problem
Unable to login to NetBackup Administration Console - Status code 7656 is returned because the CRL has expired.
Error Message
"Unable to login, status: 7656. The revocation status of the host certificate cannot be verified using the Certificate Revocation List (CRL) because the CRL expired. The CRL is older than 7 days."
Attempts to update the CRL on the master server were unsuccessful:
Failed to fetch certificate revocation list for <mastername>. 5982: The certificate revocation list is unavailable.
Successfully refreshed security level for <mastername>.
EXIT STATUS 9305: CRL retrieval operation was partially successful.
Cause
The nbatd service was not running. This service must be running on the master server in order to serve requests to update the CRL.
This issue could arise in any circumstance where nbatd is not running.
Unix: /usr/openv/netbackup/logs/nbcert
Windows: <installpath>\netbackup\logs\nbcert
09:09:10.079 [864.11324] <2> NBClientCURL::performCurlOperation: Fetched data = [xxxxx], httpcode = 503
09:09:10.079 [864.11324] <16> CurlCrlFetcher::fetchCrl: Failed to fetch CRL. CURL request failed. error = 5982
09:09:10.079 [864.11324] <2> NBClientCURL:~NBClientCURL: Performing curl_easy_cleanup()
09:09:10.079 [864.11324] <2> nbclnt_curl_prefnet::reset: Returning VN_STATUS_SUCCESS
09:09:10.079 [864.11324] <16> CrlRefreshTask::doTask: Failed to fetch certificate revocation list for nbmaster01. error = 5982
Unix: /usr/openv/logs/nbwebservice
Windows: <install path>\NetBackup\logs\nbwebservice
09/14/2018 09:26:29.223 [Application] NB 51216 nbwebapi 495 PID:10384 TID:33 File ID:495 [No context] [Error] Broker Name: localhost!1556!nbatd, Port: 1556
09/14/2018 09:26:29.223 [Application] NB 51216 nbwebapi 495 PID:10384 TID:33 File ID:495 [No context] [Error] Error occurred while trying to get CRL with 6006 and message Unable To Connect To Server
09/14/2018 09:26:29.223 [Application] NB 51216 nbwebapi 495 PID:10384 TID:33 File ID:495 [No context] [Error] CRL generation failed on host : nbmaster01
09/14/2018 09:31:29.246 [Application] NB 51216 nbwebapi 495 PID:10384 TID:33 File ID:495 [No context] [Error] EAT_LOG:(at_client_transport.c,469)Failed (pbxConnect) to connect to localhost 1556
09/14/2018 09:31:29.246 [Application] NB 51216 nbwebapi 495 PID:10384 TID:33 File ID:495 [No context] [Error] EAT_LOG:(at_client_transport.c,281)pbx connect failed. rc = -1, host = localhost, PBXPort = 1556, PBX_ServiceID = nbatd
09/14/2018 09:31:29.246 [Application] NB 51216 nbwebapi 495 PID:10384 TID:33 File ID:495 [No context] [Error] EAT_LOG:(at_client_proxy.c,278)Unable to open a connection to localhost!1556!nbatd
Solution
Start the nbatd service on the master server.
Linux / Unix:
To check if running:
/usr/openv/netbackup/bin# bpps -x | grep -i nbatd
To start :
/usr/openv/netbackup/bin# ./nbatd start
Windows :
Go to Start > Run > type services.msc > click ok, on Services window, look for 'NetBackup Authentication', right click on it and click to start.
Note:
NBCURL logging can be enabled by
Linux / Unix:
add the line
ENABLE_NBCURL_VERBOSE = 1
to /usr/openv/netbackup/bp.conf
Windows:
registry edit
HKEY_LOCAL_MACHINE\SOFTWARE\Veritas\NetBackup\CurrentVersion\Config\
add a DWORD called ENABLE_NBCURL_VERBOSE
give it a decimal value of 1
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.