Occasionally cluster node communication lost due to "Security Error while Verifing"

Xu, Shu (PPAL RC-HK) 0 Reputation points
2024-03-19T12:11:30.82+00:00

I have a 6 nodes S2D Failover Cluster environment. It happened few times daily that, "Node-to-Node Communications" lost between two nodes.

User's image

In the cluster log, one node is complaining about "ReadObject failed with HrError(0x80090330)". In most cases, the communication could be re-established without any problem. It could also happen that the cluster server terminated and all VMs restarted in other node. Please help give me some hint about this issue. Thanks!

00001764.000022c0::2024/03/14-05:13:34.950 WARN [PULLER P4-R2-03] ReadObject failed with HrError(0x80090330)' because of 'Security Error while Verifing'

00001764.000022c0::2024/03/14-05:13:34.950 WARN [NODE] Node 5: Connection to Node 6 is broken. Reason HrError(0x80090330)' because of 'Security Error while Verifing'

Windows Server Clustering
Windows Server Clustering
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Clustering: The grouping of multiple servers in a way that allows them to appear to be a single unit to client computers on a network. Clustering is a means of increasing network capacity, providing live backup in case one of the servers fails, and improving data security.
956 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Ian Xue (Shanghai Wicresoft Co., Ltd.) 29,491 Reputation points Microsoft Vendor
    2024-03-21T08:00:38.3266667+00:00

    Hi Xu,

    Thanks for your post. Based on my research, the error ReadObject failed with HrError(0x80090330) might be something with TLS, please check TLS with problem server compared with working server. Also, please update ODBC drive 13 if necessary.

    Generally speaking, trusting the custom CA from an application running as a pod usually requires some extra application configuration. You will need to add the CA certificate bundle to the list of CA certificates that the TLS client or server trusts. For example, you would do this with a golang TLS config by parsing the certificate chain and adding the parsed certificates to the RootCAs field in the tls.Config struct.

    Best Regards,

    Ian Xue


    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments