Troubleshooting Tip: HA certificates will not synchronize with error code '(0xc23b5e0) peer closed the connection'
| Description | This article describes how to handle an issue where an HA cluster is configured and will not synchronize local certificates and other configuration parts. |
| Scope | FortiGate. |
| Solution | The HA cluster is not synchronizing certificates.
diagnose debug app hatalk -1 diagnose debug app hasync -1 diagnose debug enable
Error message:
2024-12-04 11:33:02 <hasync:WARN> conn=0xc23b5e0, peer closed the connection: dst=169.254.0.2, sync_type=18(byod) 2024-12-04 11:33:10 <hatalk> vcluster_1: ha_prio=1(secondary), state/chg_time/now=3(standby)/1733332265/1733333590
Certificates are not syncing.
diagnose sys ha checksum show global
Primary:
certificate.local: 6820b7460fa4378103576d3b93c42e63
Secondary:
certificate.local: e04cc5615ea0062383bdf75d3acb18fc
Check if the following is enabled.
config system ha set standalone-mgmt-vdom enable end
To fix this problem, run the following commands:
config system ha set standalone-mgmt-vdom disable end |