Relinking vCenter Server Appliance and NSX-T after VCSA PNID or SSL certificate change
book
Article ID: 320144
calendar_today
Updated On:
Products
VMware NSX
VMware vCenter Server
Show More
Show Less
Issue/Introduction
This article provides information on how to modify VCSA PNID or SSL certificates when communication between vCenter Server Appliance (VCSA) and NSX-T Data Center fails.
Environment
VMware NSX
VMware vCenter Server
Resolution
Note : These steps do not include updating communication parameters between VCSA and NSX-T. After the VCSA PNID or SSL certificate has been successfully changed and all VCSA services have been restarted. Addition steps must be taken to update communication parameters between VCSA and NSX-T. These steps are as follows:
Log into the VCSA appliance as root .
Run this command: /usr/lib/vmware-wcp/relink_nsx.py For example:/usr/lib/vmware-wcp/relink_nsx.py Enter password for NSX user 'admin' Password: <Password of NSX built-in user 'admin'> 2020-02-19T17:56:07.987Z Running command: ['/usr/lib/vmware-vmafd/bin/vecs-cli', 'entry', 'getcert', '--store', 'vpxd-extension', '--alias', 'vpxd-extension', '--output', '/var/tmp/vmware/tmp_qiji6me'] 2020-02-19T17:56:08.018Z Done running command 2020-02-19T17:56:08.019Z Running command: ['/usr/lib/vmware-vmafd/bin/vecs-cli', 'entry', 'getkey', '--store', 'vpxd-extension', '--alias', 'vpxd-extension', '--output', '/var/tmp/vmware/tmpk052r6u4'] 2020-02-19T17:56:08.046Z Done running command 2020-02-19T17:56:08.650Z Updating CM; NSX: ###.###.###.###:443, id: ########-####-####-####-############, VC: example.vmware.com, SSL: ##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:## 2020-02-19T17:56:21.447Z Updated CM: {'server': '<fqdn>', 'origin_type': 'vCenter', 'credential': {'thumbprint': '##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##', 'credential_type': 'SessionLoginCredential'}, 'origin_properties': [{'key': 'fullName', 'value': 'VMware vCenter Server 7.0.0 build-33446796'}, {'key': 'localeVersion', 'value': 'INTL'}, {'key': 'version', 'value': '7.0.0'}, {'key': 'originComputeManagerDescription', 'value': ''}, {'key': 'apiVersion', 'value': '7.0.0.0'}, {'key': 'build', 'value': '33446796'}, {'key': 'vendor', 'value': 'VMware, Inc.'}, {'key': 'licenseProductName', 'value': 'VMware VirtualCenter Server'}, {'key': 'name', 'value': 'VMware vCenter Server'}, {'key': 'osType', 'value': 'linux-x64'}, {'key': 'instanceUuid', 'value': '########-####-####-####-############'}, {'key': 'originComputeManagerName', 'value': 'VMware vCenter Server'}, {'key': 'localeBuild', 'value': '000'}, {'key': 'licenseProductVersion', 'value': '7.0'}, {'key': 'apiType', 'value': 'VirtualCenter'}, {'key': 'productLineId', 'value': 'vpx'}], 'trust_as_auth_server': False, 'reverse_proxy_https_port': 443, 'resource_type': 'ComputeManager', 'id': '########-####-####-####-############', 'display_name': '########-####-####-####-############', 'description': '', '_create_user': 'admin', '_create_time': 1581963548474, '_last_modified_user': 'admin', '_last_modified_time': 1582134971314, '_protection': 'NOT_PROTECTED', '_revision': 16} 2020-02-19T17:56:21.471Z Updating OIDC EP; NSX: ###.###.###.###:443, id: ################################, VC: <fqdn>, SSL: ################################ 2020-02-19T17:56:22.139Z Updated OIDC EP: {'oidc_uri': 'https://<fqdn>/openidconnect/vsphere.local/.well-known/openid-configuration', 'thumbprint': '################################', 'oidc_type': 'vcenter', 'issuer': 'https://<fqdn>/openidconnect/vsphere.local', 'jwks_uri': 'https://<fqdn>/openidconnect/jwks/vsphere.local', 'resource_type': 'OidcEndPoint', 'id': '################################', 'display_name': '################################ ', '_system_owned': False, '_create_user': 'admin', '_create_time': 1582134982050, '_last_modified_user': 'admin', '_last_modified_time': 1582134982050, '_protection': 'NOT_PROTECTED', '_revision': 0} 2020-02-19T17:56:22.171Z Updating NSX UI plugin registration; VC: example.vmware.com, SSL: ##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:## 2020-02-19T17:56:22.342Z Updated NSX UI plugin
Feedback
thumb_up
Yes
thumb_down
No