During vCenter Server upgrade to VCF 9.0, the pre-check shows following error message :

Please remove/disable RSA SecurID login before proceeding https://knowledge.broadcom.com/external/article?articleId=368759.

VCF 9.0
vCenter Server 7.x
vCenter Server 8.x

VCF 9.0 removes the support for the RSA SecurID authentication method.

Before upgrading to VCF 9.0, the vCenter Server administrator must disable the RSA SecurID authentication and ensure alternative authentication is enabled.

Customers can use MFA through federated authentication. See here for more information on configuring federated authentication.

Procedure to disable RSA SecureID

• Login to vCenter Server using SSH
• Change to the directory that contains the sso-config script
  
  cd /opt/vmware/bin
  
  
• To activate other authentication methods, run the following command.
  
  sso-config.sh -set_authn_policy -pwdAuthn true -t <tenantName>
  
  Important: Ensure you have enabled alternative authentication methods before proceeding to the next step. Try using the newly enabled alternative authentication mechanisms to verify they work before turning off the RSA SecurID authentication. Failure to verify an alternative authentication method may lock you out of this vCenter instance.
  
  
• To deactivate RSA SecurID authentication, run the following command.
  
  sso-config.sh -t <tenantName> -set_authn_policy -securIDAuthn false
  
  
• To display the current settings, run the following command.
  
  sso-config.sh -t <tenantName> -get_rsa_config

Note: <tenantName> is the name of the vCenter Single Sign-On domain, vsphere.local by default.

Set Up RSA SecurID Authentication on vCenter Server.