Creating a CSR using certificate-manager with the option not to use the existing configuration file fails with a traceback in vCenter Server Appliance


Article ID: 342782


Products

VMware vCenter Server

Issue/Introduction

Symptoms:
  • Creating a CSR using certificate-manager with the option not to use the existing configuration file fails with a traceback on the vCenter Server Appliance.

For example:

Press Enter key to skip optional parameters or use Previous value.
Enter proper value for 'Country' [Previous value : ] :
Enter proper value for 'Name' [Previous value : ] : <FQDN>
Enter proper value for 'Organization' [Previous value : ] :
Enter proper value for 'OrgUnit' [Previous value : ] :
Enter proper value for 'State' [Previous value : ] :
Enter proper value for 'Locality' [Previous value : ] :

Traceback (most recent call last):
  File "./usr/lib/vmware-vmca/bin/certificate-manager", line 716, in <module>
    exit(main())
  File "./usr/lib/vmware-vmca/bin/certificate-manager", line 710, in main
    parse_arguments()
  File "./usr/lib/vmware-vmca/bin/certificate-manager", line 702, in parse_arguments
    operations[var.strip()]()
  File "./usr/lib/vmware-vmca/bin/certificate-manager", line 149, in replace_ssl_cert_with_vmca_cert
    prepare_all_config_file()
  File "./usr/lib/vmware-vmca/bin/certificate-manager", line 138, in prepare_all_config_file
    prepare_cfg_file(cfg_filenames, machine_id, pnid)
  File "/usr/lib/vmware/site-packages/cis/certificateManagerUtils.py", line 262, in prepare_cfg_file
    indexCrtElement = tempcfgKeys.index(crtElement)
ValueError: 'Email' is not in list

 
Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.


Environment

VMware vCenter Server Appliance 6.5.x
VMware vCenter Server Appliance 6.7.x
VMware vCenter Server Appliance 6.0.x

Cause

This issue occurs if /var/tmp/vmware/certool.cfg is incomplete. In the example above, the ValueError shows that prepare_cfg_file could not find the 'Email' key.

Resolution

  1. Log in to the vCenter Server Appliance using SSH.
  2. Back up the existing certool.cfg under /var/tmp/vmware:
       mv /var/tmp/vmware/certool.cfg /var/tmp/vmware/certool.cfg.bkp
  3. Replace the certool.cfg under /var/tmp/vmware with /usr/lib/vmware-vmca/share/config/certool.cfg:
       cp /usr/lib/vmware-vmca/share/config/certool.cfg /var/tmp/vmware/certool.cfg
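
A pre-flight check for the condition described under Cause, added here as an example and not part of the original article or of VMware's tooling: it lists the keys that the template defines but the working copy lacks. It assumes certool.cfg uses "Key = Value" lines with "#" comments and that a complete file has every key in the template; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: report keys the template defines but the working copy lacks.
# Assumption: certool.cfg holds "Key = Value" lines and "#" comments.
TEMPLATE_CFG="${TEMPLATE_CFG:-/usr/lib/vmware-vmca/share/config/certool.cfg}"
WORKING_CFG="${WORKING_CFG:-/var/tmp/vmware/certool.cfg}"

# Print the key names found in a certool.cfg-style file, one per line.
cfg_keys() {
    sed -e 's/#.*$//' "$1" |
        awk -F= 'NF >= 2 { gsub(/^[ \t]+|[ \t]+$/, "", $1); if ($1 != "") print $1 }' |
        sort -u
}

# List keys present in template $1 but absent from working copy $2.
# Returns 0 when nothing is missing, 1 when keys are missing, 2 on unreadable input.
missing_keys() {
    [ -r "$1" ] && [ -r "$2" ] || { echo "cannot read $1 or $2" >&2; return 2; }
    tmpl=$(cfg_keys "$1")
    work=$(cfg_keys "$2")
    # -F fixed strings, -x whole-line match, -v keep template keys with no match.
    missing=$(printf '%s\n' "$tmpl" | grep -Fxv -e "$work" || true)
    [ -z "$missing" ] && return 0
    printf '%s\n' "$missing"
    return 1
}

# Constructed sample files (hypothetical values, not from a real appliance).
demo_dir=$(mktemp -d)
cat > "$demo_dir/template.cfg" <<'EOF'
# constructed stand-in for the shipped template
Country = US
Name = CA
Organization = Example
OrgUnit = Example Unit
State = California
Locality = Palo Alto
Email = admin@example.com
EOF
cat > "$demo_dir/working.cfg" <<'EOF'
Country = US
Name = vcsa.example.com
Organization = Example
OrgUnit = Example Unit
State = California
Locality = Palo Alto
EOF
missing_keys "$demo_dir/template.cfg" "$demo_dir/working.cfg" || echo "working copy is incomplete"
# On an appliance: missing_keys "$TEMPLATE_CFG" "$WORKING_CFG"
```

With the constructed files the check prints Email, the same key named in the ValueError above.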