ESXi hosts report the upgrade status as fail after replacing the NSX Manager certificate
book
Article ID: 301120
calendar_today
Updated On:
Products
VMware Cloud Foundation
Issue/Introduction
Symptoms: When you apply the self signed certificate to NSX Manager, you experience these symptoms:
The upgrade button is greyed out under LCM > Update.
Under LCM > Inventory, in the vcenter-mgmt you see a red bang mark on the host indicating a on-going upgrade.
For example, "rack-1-n0" (6.0.0-5XXXXXX - 6.0.0-5YYYYYY).
You see the updated ESXi host version (example, 6.0.0-5YYYYYY) from vCenter Server. Indicating a successful upgrade of the ESXi host.
Rebooting the host by entering into Maintenance Mode and restarting the VRM tc-server service does not help.
Environment
VMware Cloud Foundation 2.0.x VMware Cloud Foundation 2.1.x
Cause
This issue occurs because VRM is unaware of the user added certificate and is unable to authenticate NSX Manager.
VRM attempts the host prep before upgrading to ensure that host is in upgrade state. If NSX fails to authenticate, you cannot upgrade the host from VRM.
Resolution
To resolve this issue, add/import the self signed NSX Manager certificate into VRM manually to allow the authentication of NSX Manager: