Symptoms:
vCenter Upgrade to 7.0 fails with an error:
Upgrade phase timed out. The time planned for the upgrade phase was 15 minutes. The upgrade phase has already been running for 15 minutes.
CollectRequirements for com.vmware.sso times outIn the Tomcat webapp log [catalina.xxxx-xx-xx.log] you see the following error:
2021-04-28T16:01:10.077Z SEVE org.apache.catalina.core.StandardService Failed to initialize connector [Connector[com.vmware.identity.tomcat.VECSAwareHttp11NioProtocol-7444]]
org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:1078)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
...
Caused by: java.io.IOException: Could not get key with alias __MACHINE_CERT from VECS key store
at com.vmware.identity.tomcat.VECSAwareSSLImplementation.getTransientKeyStore(VECSAwareSSLImplementation.java:162)
at com.vmware.identity.tomcat.VECSAwareSSLImplementation$1.getKeyManagers(VECSAwareSSLImplementation.java:65)
at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:245)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:98)
... 19 more
When reviewing the content in the STS_INTERNAL_SSL_CERT store in the VECS you find that it contains no entries:
# /usr/lib/vmware-vmafd/bin/vecs-cli entry list --store STS_INTERNAL_SSL_CERT
Number of entries in store : 0