This is a known issue. Currently, there is no resolution.
To work around this issue, locate the host entity within the VPX_HOST table of the vCenter Server database and replace the expected_ssl_thumbprint with the value from host_ssl_thumbprint.
Caution: This process involves modification of the vCenter Server database, ensure to take a snapshot of the vCenter Server Appliance before proceeding.
To replace the expected_ssl_thumbprint with the value from host_ssl_thumbprint:
- Stop the VMware VirtualCenter Server service. For more information, see Stopping, starting, or restarting vCenter Server Appliance services (2054085).
Note: Before stopping the service, VMware recommends to log in to vCenter Server using the vSphere Client and identify the current ESXi host in which the vCenter Server Appliance is running.
- Connect to the ESXi host using the vSphere Client in which the vCenter Server Appliance is running and take a snapshot of the appliance.
- Log in to the vCenter Server Appliance as root using SSH.
- Run this command to connect to the vCenter Server embedded database:
sudo /opt/vmware/vpostgres/1.0/bin/psql -d VCDB vc
- Run this command to display the required contents of the VPX_HOST table:
Select id, dns_name, host_ssl_thumbprint, expected_ssl_thumbprint from vpx_host;
- Identify any mismatches between the host_ssl_thumprint and expected_ssl_thumbprint fields and make note of the dns_name field.
- For each mismatched entry, run this command to replace dnsname with the name notated from the dns_name field in step 6:
UPDATE VPX_HOST SET expected_ssl_thumbprint = host_ssl_thumbprint WHERE DNS_NAME = 'dnsname';
- Run this command to quit:
\q
- Start the VMware VirtualCenter Server service. For more information, see Stopping, starting, or restarting vCenter Server Appliance services (2054085).
- Restart the clone process.
- If the clone process is successful, remove the snapshot from the vCenter Server Appliance.