vCenter: Installing of a custom certificate failed

Hi,

a customer had the problem that he couldn’t install a custom certificate, reset all ceritifcates etc. with the vCenter certificate manager /usr/lib/vmware-vmca/bin/certificate-manager.

He had canceled a previous attempt and from now on an error
Certificate Manager tool do not support vCenter HA systems
occured although he hasn’t enabled vCenter HA.


The problem was that the previous certificate installation attempt has already deleted the machine ssl key and certificate

/usr/lib/vmware-vmafd/bin/vecs-cli entry list --store MACHINE_SSL_CERT --text
Number of entries in store :    0

So the solution was to install the previous key
Try to install

/usr/lib/vmware-vmafd/bin/vecs-cli entry create --store MACHINE_SSL_CERT --key /root/TLS/2021/myVCenter.key --alias __MACHINE_CERT --cert /root/TLS/2021/myVCenter.cer

Check if it is installed

/usr/lib/vmware-vmafd/bin/vecs-cli entry list --store MACHINE_SSL_CERT --text

and start the certificate manager again.

/usr/lib/vmware-vmca/bin/certificate-manager

Michael

Advertisment to support michlstechblog.info

Leave a Reply

Your email address will not be published.

Time limit is exhausted. Please reload CAPTCHA.