Registering a VASA provider with vCenter Server fails and reports the error: InvalidCertificate
search cancel

Registering a VASA provider with vCenter Server fails and reports the error: InvalidCertificate

book

Article ID: 335938

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction


  • Cannot register a VASA provider with vCenter Server.
  • Registering a VASA provider with vCenter Server fails.
  • You see the error:

    Exception of type Vmomi.fault.InvalidArgument was thrown or
    A problem was encountered while registering the provider
     
  • In the C:\ProgramData\VMware\Infrastructure\Profile-Driven Storage\Logs\sps.log file, you see entries similar to:

    Initializing services for provider with url -https://server.domain.com:8443/services/vasaService
    YYYY-MM-DD TIME [pool-29-thread-4] DEBUG com.vmware.vim.sms.security.SessionValidator - Verified privilege : StorageViews.View
    YYYY-MM-DD TIME [pool-29-thread-4] INFO com.vmware.vim.vmomi.server.impl.ValidatorFutureImpl - Future 1/1 is set for for 70613 (valid: true)
    YYYY-MM-DD TIME [pool-28-thread-1] DEBUG com.vmware.vim.sms.task.TaskImpl - Received API call : queryInfo for task - ManagedObjectReference: type = SmsTask, value = SmsTask-6, serverGuid =
    YYYY-MM-DD TIME [pool-27-thread-6] ERROR com.vmware.vim.sms.provider.VasaProviderImpl -    Failed to register vasa certificate
    com.vmware.vim.vasa.InvalidCertificate: InvalidCertificate
    <snip>
    YYYY-MM-DD TIME [pool-27-thread-6] ERROR com.vmware.vim.sms.task.JobHandler - Exception during invocation of registerProviderInt
    com.vmware.vim.binding.vmodl.fault.InvalidArgument:
    invalidProperty = certificate
    <snip>
    YYYY-MM-DD TIME [pool-27-thread-6] DEBUG com.vmware.vim.sms.task.TaskManagerImpl - Marked SmsTask-6 as completed
    YYYY-MM-DD TIME [pool-27-thread-6] DEBUG com.vmware.vim.sms.task.TaskImpl - Task execution failed!ManagedObjectReference: type = SmsTask, value = SmsTask-6, serverGuid =


Environment

VMware vCenter Server 5.5

Cause

This issue occurs due to an expired certificate used by the Storage Monitoring Server within the VMware VirtualCenter Management Webservices component.

Resolution

To resolve this issue when the Storage Monitoring Service certificate has expired, regenerate a new self-signed certificate.
 
To confirm if the Storage Monitoring Service certificate has expired:
  1. Log in to vCenter Server using a remote desktop or console session.
  2. Open an administrative command prompt and navigate to the vCenter Server Java Components directory.

    Note: In vCenter Server 5.5, the default location is C:\Program Files\Common Files\VMware\VMware vCenter Server - Java Components\bin.
     
  3. Run this command:

    keytool -keystore "C:\ProgramData\VMware\VMware VirtualCenter\SSL\sms.keystore" -storepass testpassword -list -v

    Note: If vCenter Server was not installed using the default option, the preceding command must be updated to reflect the correct installation location.
     
  4. Check the Valid from and until fields to confirm the expiration of the certificate.
To regenerate a new self-signed certificate for the Storage Monitoring Service:
  1. Stop the VMware VirtualCenter Management Webservices and Profile-Driven Storage service. For more information, see Stopping, starting, or restarting VMware vCenter Server services (1003895).
  2. Rename the existing sms.keystore and sms.truststore files located at C:\ProgramData\VMware\VMware VirtualCenter\SSL\.
  3. Restart the VMware VirtualCenter Management Webservices and Profile-Driven Storage service. For more information, see Stopping, starting, or restarting VMware vCenter Server services (1003895).
  4. Wait for at least 60 seconds for the certificates to be generated.
  5. Register the VASA provider with vCenter Server.


Additional Information

Powered by Wolken Software