Unable to regenerate certificate after a failed SSL certificate replacement in VMware vCenter Server Appliance 5.x
book
Article ID: 322228
calendar_today
Updated On:
Products
VMware vCenter Server
Issue/Introduction
Symptoms:
- Unable to regenerate certificate after a failed SSL certificate replacement in vCenter server appliance
- Unable to regenerate default certificate by setting option Certificate regeneration enabled to Yes
- Manually replacing the certificate with generate_all_certificates replace command in vCSA fails
Environment
VMware vCenter Server Appliance 5.5.x
VMware vCenter Server Appliance 5.1.x
Cause
This issue occurs when the contents in /var/vmware/vpxd/rui.subjectAltName file is updated and matches the current server DNS name or IP address.
Resolution
To resolve this issue:
- Open a console window to the vCenter Server Appliance.
- Change the directory to /var/vmware/vpxd/ with the command:
cd /var/vmware/vpxd/
- Open the rui.subjectAltName file with a text editor. For more information see, Editing files on an ESX host using vi or nano (1020302).
- Change the two DNS entries (FQDN and shortname) to the previous hostname entries.
- Save the changes and exit the text editor.
- Restart vCenter Server.
Feedback
thumb_up
Yes
thumb_down
No