Symptoms:
Compute manager failed to get enabled as auth server due to error Thumbprint mismatch for" ... "Check that the thumbprint is correct.. Please check the hostname in the url is reachable from nsx. Error code: 90011)
"2023-01-05T05:04:24.530Z ERROR http-nio-127.0.0.1-7440-exec-29 CmInventoryService 6190 FABRIC [nsx@6876 comp="nsx-manager" errorCode="MP90002" level="ERROR" reqId="3d285021-####-####-####-47bbcf789eda" subcomp="manager" username="admin"] Compute manager x.x.x.x failed to get enabled as auth server
2023-01-05T05:04:24.481Z INFO http-nio-127.0.0.1-7440-exec-29 CmInventoryService 6190 FABRIC [nsx@6876 comp="nsx-manager" level="INFO" reqId="3d285021-####-####-####-47bbcf789eda" subcomp="manager" username="admin"] compute manager <<Compute Manager's UUID>> auth server details returned CmAuthServerDetail{oidcUrl='https://<x.x.x.x>/openidconnect/vsphere.local/.well-known/openid-configuration', thumbprint='8d576a79##########################################', cmVersion='7.0.3'}
If you are contacting Broadcom support about this issue, please provide the following:
Handling Log Bundles for offline review with Broadcom support:
To fix the vCenter certificate issues please open up a support request with VMware vCenter support team.
Workaround:
While waiting for applying the permanent fix, to keep the compute manager connectivity as UP from NSX-T side, toggle OFF the "Enable Trust" option and save. Which will make the compute manager connectivity as UP.
python lsdoctor.py -l
python lsdoctor.py -t
ervice-control --stop --all && service-control --start --all
'lsdoctor -l'
(lscheck) function can be run without any disruption of vCenter service.