TCA 3.1 - Update vCenter Certificate for TKG Cluster
search cancel

TCA 3.1 - Update vCenter Certificate for TKG Cluster


Article ID: 345720


Updated On:


VMware VMware Telco Cloud Automation VMware Telco Cloud Platform - 5G Edition


- In Telco Cloud Automation (TCA) 3.1, all cluster, nodepool, and Network Function (NF) operations require a secure trust to vCenter via a vSphere certificate thumbprint. 

- If a vCenter's certificate has been updated, the following steps must be followed to restore functionality to TCA 3.1


VMware Telco Cloud Automation 3.1



Re-Import vCenter Certificate to TCA-M and TCA-CP

  1. Log in to the VMware Telco Cloud Automation Appliance Manager using the port tca-m/tca-cp:9443.
  2. Click Certificate > Trusted CA Certificate > IMPORT.
  3. Select the trusted certificate type that you want to import and do one of the following:
    - Browse and select the file to import.
    - Type the URL of the certificate.
    - Paste the certificate file content.
  4. Click Apply.


Update the vCenter thumbprint in TKG Clusters.
  1. SSH into the TCA-CP that controls the management clusters using the admin credentials.

ssh admin@<tca-cp-ip>

       2. Check connectivity to retrieve the update-vc-tp script.
curl -kfsSL | bash -s -- -h
NOTE: For airgap environments, users should download the script to another location first, then copy it to the TCA-CP.

       3.  Run the script with vc address
curl -kfsSL | bash -s -- -d <vc address>

Additional Information

Impacts Telco Cloud Automation 3.1