When we try to use the TKG wizard we see that WaitForCertificate step is blocked as we are unable to get the CA cert detail from HAProxy VM.

TKG wizard is stuck in "WaitForCertificate" step

Log
{"function":"WaitForCertificate","level":"debug","msg":"Wait for certificate","time":"2024-06-03T22:11:42Z"}

NAPP 4.1.2

The HAProxy CA cert value is set as the property "guestinfo.dataplaneapi.cacert" and is set from the VM itself. If the HAProxy VM is restarted after deployment, the value set is lost.

To resolve this issue, run the following command by logging into the HAProxy VM:

vmware-rpctool "info-set guestinfo.dataplaneapi.cacert $(base64 -w0 /etc/haproxy/ca.crt)"

This workaround sets the HAProxy CA cert value correctly, allowing the TKG wizard to proceed.

If you are unable to access the Haproxy VM ,

Please follow the below article

https://knowledge.broadcom.com/external/article/377393/deploying-vspherehaproxy-appliance-faile.html