Error on Certificate Management from vSphere Web client: "unexpected error occurred while performing your action"
search cancel

Error on Certificate Management from vSphere Web client: "unexpected error occurred while performing your action"

book

Article ID: 375508

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

- Active directory users are unable to view Certificate Management page from vSphere-UI: "unexpected error occurred while performing your action"

 

Environment

VMware vCenter Server 7.x

Cause

/var/log/vmware/certificatemanagement/certificatemanagement-svcs.log:


2024-07-09T02:00:01.243-08:00 [tomcat-exec-10 [] ERROR com.vmware.certificatemanagement.vapi.impl.setup.AuthzPermissionValidator  opId=] User ABC.group\Testuser who belongs to groups [vsphere.local\Everyone] has no required privileges [System.Read] to invoke API com.vmware.vcenter.certificate_management.vcenter.trusted_root_chains.list


2024-07-09T02:02:09.314-08:00 [tomcat-exec-7 [] INFO  com.vmware.certificatemanagement.vapi.impl.setup.AuthzPermissionValidator  opId=] User ABC.group\Testuser has required privileges [System.Read] to invoke API com.vmware.vcenter.certificate_management.vcenter.trusted_root_chains.list

 

/var/log/vmware/vsphere-ui/logs/vsphere_client_virgo.log:

[2024-07-09T02:00:01.749-08:00] [INFO ] extfw-filterer-pool-238      70000339 100021 200004 com.vmware.vise.mvc.filters.HlmCapabilitiesFilter                 Error calling capabilities api com.vmware.vapi.std.errors.Unauthorized: Unauthorized (
com.vmware.vapi.std.errors.unauthorized) => {
    messages = [LocalizableMessage (com.vmware.vapi.std.localizable_message) => {
    id = com.vmware.vapi.authorization.permission.denied,
    defaultMessage = Permission to perform this operation was denied.,
    args = [],
    params = <null>,
    localized = <null>
}],
    data = <null>,
    errorType = UNAUTHORIZED
}

Caused by: com.vmware.vapi.std.errors.Unauthorized: Unauthorized (com.vmware.vapi.std.errors.unauthorized) => {
    messages = [LocalizableMessage (com.vmware.vapi.std.localizable_message) => {
    id = com.vmware.vapi.authorization.permission.denied,
    defaultMessage = Permission to perform this operation was denied.,

 

- User/Group Missing from Administrators Group

Resolution

Add User/Group to the Administrators Group which is part of Global permission.

- Goto vSphere Client -> Administration -> Users and Groups -> Groups -> Administrators -> EDIT -> Add a member