Update vCenter Certificate for TKG Cluster
search cancel

Update vCenter Certificate for TKG Cluster

book

Article ID: 345720

calendar_today

Updated On:

Products

VMware Telco Cloud Automation VMware Telco Cloud Platform - 5G Edition

Issue/Introduction

  • All cluster, nodepool, and Network Function (NF) operations require a secure trust to vCenter via a vSphere certificate thumbprint. 
  • If a vCenter's certificate has been updated, the following steps must be followed to restore functionality to TCA 3.1

Environment

3.1

Resolution

Step1:

Re-Import vCenter Certificate to TCA-M and TCA-CP

  1. Log in to the VMware Telco Cloud Automation Appliance Manager using the port tca-m/tca-cp:9443.
  2. Click Certificate > Trusted CA Certificate > IMPORT.
  3. Select the trusted certificate type that you want to import and do one of the following:
    - Browse and select the file to import.
    - Type the URL of the certificate.
    - Paste the certificate file content.
  4. Click Apply.


Step2:

Update the vCenter thumbprint in TKG Clusters.

  1. SSH into the TCA-CP that controls the management clusters using the admin credentials.

ssh admin@<tca-cp-ip>

       2. Check connectivity to retrieve the update-vc-tp script.

curl -kfsSL https://vmwaresaas.jfrog.io/artifactory/generic-registry/kb/vc-updater/tca3.0/update-vc-tp.sh | bash -s -- -h

NOTE: For airgap environments, users should download the script to another location first, then copy it to the TCA-CP.

       3.  Run the script with vc address

curl -kfsSL https://vmwaresaas.jfrog.io/artifactory/generic-registry/kb/vc-updater/tca3.0/update-vc-tp.sh | bash -s -- -d <vc address>

Additional Information