vCenter Server Upgrade Fails with "Source Host Thumbprint Different" Error
book
Article ID: 373348
calendar_today
Updated On:
Products
VMware vCenter Server
Issue/Introduction
During a vCenter Server upgrade to version 8.0, the process may fail at Stage 2 with the error message: "Pre-upgrade check result: Error - The source host thumbprint is different than the provided one."
Environment
- vCenter Server version being upgraded from: 6.7.0 or later
Cause
This error typically occurs due to network connectivity issues between the newly deployed vCenter Server and the source environment. Common causes include:
Firewall restrictions blocking communication between the new and old vCenter Servers or ESXi hosts.
DNS resolution problems preventing proper name resolution.
Network configuration changes during the upgrade process.
DRS automatically moving the new vCenter VM to a different host when powering on during the upgrade process, causing a mismatch in expected host thumbprints.
Resolution
Verify network connectivity:
From the jump host, ping the temporary IP address assigned to the new vCenter Server.
From the jump host, ping the source vCenter Server and ESXi hosts.
From the new vCenter Server, ping the source vCenter Server and ESXi hosts.
Check firewall settings:
Review firewall rules on the network between the jump host, new vCenter Server, source vCenter Server, and ESXi hosts.
Ensure that required ports for vCenter Server communication are open (443, 902, etc.).
Verify DNS settings:
Check DNS resolution for all involved systems (jump host, new vCenter Server, source vCenter Server, ESXi hosts).
Update DNS records if necessary to ensure proper name resolution.
Use consistent deployment targets:
If possible, use the same deployment target (ESXi host or vCenter Server) for both Stage 1 and Stage 2 of the upgrade process.
Adjust DRS settings:
Set the DRS automation level to "Manual" or "Partially Automated" for the cluster where the new vCenter Server is being deployed.
Create a DRS rule to keep the new vCenter Server VM on its original deployment host during the upgrade process.
Regenerate SSL certificates if needed:
If certificate issues persist, consider regenerating SSL certificates for the involved systems.
Retry the upgrade:
If previous steps do not resolve the issue, consider redeploying the new vCenter Server and starting the upgrade process again.
Engage network team:
If network issues are suspected, involve your network team to investigate and resolve any potential routing or firewall problems.