Unable to backup Native Key Provider when vcenter unset hostname.
search cancel

Unable to backup Native Key Provider when vcenter unset hostname.

book

Article ID: 312030

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

This article provides workaround when encountered backup Native Key Provider failed by vCenter unset hostname.


Symptoms:

Backup Native Key Provider failed.


Environment

VMware vSphere ESXi 8.0.x
VMware vSphere ESXi 7.0.3

Cause

The url of download backup file depends on hostname, so if vCenter unset hostname, the url can't be used to download the backup file.

Resolution

VMware is aware of this issue and working to resolve this in a future release.


Workaround:

Follow the below Workaround:
Step 1: Using dcli export command, this gives a bearer token & file path

root@localhost [ ~ ]# dcli com vmware vcenter cryptomanager kms providers export --provider kp
location:
     download_token:
        expiry: 2022-03-23T23:12:34.000Z
         token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NDgwNzcxNTQsInBhc3N3ZCI6Iip0eThqTy8wVnBYT1FNOUk1Z2tjRGh2aFdmRkt4WGVOZzI2T1J5ck1Iva21zL2twIn0.tSRvNMhYW5pwPIkv0T3bWuen5nUW_j2fnOtrwzJbBSU
     url: https://localhost/cryptomanager/kms/kp

Type: LOCATION

Step 2: Download the file:
replace the localhost instead of vc ip in the url, and put token after Bearer.
 wget 'https://172.16.33.132/cryptomanager/kms/kp' --header 'Authorization: Bearer eyJh...SU'