Currently, there is no resolution.
To workaround the issue:
Note: In a clustered deployment, the steps below need to be run only on one of the nodes.
- Open SSH session to already upgraded vRA appliance and generate a new ingress certificate using below command:
vracli certificate ingress --generate auto --set stdin
- Verify that the certificate is generated properly using below command
vracli certificate ingress --parse
Note: The output of the command above should contain the following fields:
"keyUsage": [
"DigitalSignature"
- Apply the changes above by redeploying the services using command:
/opt/scripts/deploy.sh
- Once the deploy script completes, check that the UI is reachable again.
Note: In case you upgrade an external vRO that is registered as an integration of vRA then you must accept the newly generated certificate. To do so, navigate to vRA > Cloud Assembly > Infrastructure > Integrations and open the vRO integration. Click on validate button and accept the new certificate.