vRA replace certificate request fails with Error LCMVROVACONFIG100034 at task 'set VMware Aria Automation as authentication provider in VMware Aria Automation Orchestrator.'
Article ID: 375655
Updated On:
Products
VCF Operations/Automation (formerly VMware Aria Suite)
Issue/Introduction
Replacing the certificate on Aria Automation, it throws an error when trying to re-authenticate external Aria Orchestrators
-Error Code: LCMVROVACONFIG100034
-Failed to set VMware Aria Automation as authentication provider in VMware Aria Automation Orchestrator.
-Error in setting the VMware Aria Automation as authentication provider in VMware Arla Automation Orchestrator.Environment
- Aria Automation is deployed and associated with 2 or more tenants (Default and Custom Tenant), vRA authenticated vRO is deployed with both the Tenants.
- Initiate Aria Automation replace certificate request on Aria Suite Lifecycle Manager.
- The certificates on the Aria Automation appliance do successfully change but the request fails at task 'set VMware Aria Automation as authentication provider in VMware Aria Automation Orchestrator.'
Cause
- The request payload in LCM takes vRA hostname as default tenant hostname instead of Tenant vRA hostname and login fails.
- We see the following in the /var/log/vrlcm/vmware_vrlcm.log
=========================
2024-06-28T07:27:17.706Z INFO vrlcm[4004] [pool-3-thread-36] [c.v.v.l.d.v.t.SetNewVroVraAuthConfigTask] – VMware Aria Automation Orchestrator password YXYXYXYX created response:
{ "exitStatus" : 0, "outputData" : "", "errorData" : null, "commandTimedOut" : false }
2024-06-28T07:27:17.706Z INFO vrlcm[4004] [pool-3-thread-36] [c.v.v.l.d.v.h.VroUtil] – vRO ENDPOINT HOST :: DefaultTenant.fqdn.local
2024-06-28T07:27:17.706Z INFO vrlcm[4004] [pool-3-thread-36] [c.v.v.l.d.v.h.VroUtil] – COMMAND :: vracli vro authentication set -p vra -hn DefaultTenant.fqdn.local -u localadmin --password-file YXYXYXYX -f -k
2024-06-28T07:27:17.938Z INFO vrlcm[4004] [pool-3-thread-36] [c.v.v.l.u.SshUtils] – Executing command on the host: DefaultTenant.fqdn.local , as user: root
2024-06-28T07:27:17.939Z INFO vrlcm[4004] [pool-3-thread-36] [c.v.v.l.u.SshUtils] – ------------------------------------------------------
2024-06-28T07:27:17.939Z INFO vrlcm[4004] [pool-3-thread-36] [c.v.v.l.u.SshUtils] – Command: vracli vro authentication set -p vra -hn DefaultTenant.fqdn.local -u localadmin --password-file YXYXYXYX -f -k
2024-06-28T07:27:17.939Z INFO vrlcm[4004] [pool-3-thread-36] [c.v.v.l.u.SshUtils] – ------------------------------------------------------
2024-06-28T07:27:47.991Z INFO vrlcm[4004] [pool-3-thread-36] [c.v.v.l.u.SshUtils] – exit-status: 255
2024-06-28T07:27:47.991Z INFO vrlcm[4004] [pool-3-thread-36] [c.v.v.l.u.SshUtils] – Command executed sucessfully
2024-06-28T07:27:47.992Z INFO vrlcm[4004] [pool-3-thread-36] [c.v.v.l.d.v.h.VroUtil] – Command Status code :: 255
2024-06-28T07:27:47.992Z INFO vrlcm[4004] [pool-3-thread-36] [c.v.v.l.d.v.h.VroUtil] – ====================================================
2024-06-28T07:27:47.992Z INFO vrlcm[4004] [pool-3-thread-36] [c.v.v.l.d.v.h.VroUtil] – Output Stream ::
2024-06-28T07:27:47.992Z INFO vrlcm[4004] [pool-3-thread-36] [c.v.v.l.d.v.h.VroUtil] – ====================================================
2024-06-28T07:27:47.992Z INFO vrlcm[4004] [pool-3-thread-36] [c.v.v.l.d.v.h.VroUtil] – Can not login with username and password YXYXYXYX Aria Automation
pod prelude/vro-cli-<ID> terminated (Error)Resolution
-
This behaviour has been resolved in VCF 9.x.
-
For Aria Orchestrator 8.18.x, please follow the documented workaround to import the new vRA certificate into the vRO Control Center.
- Note: Starting with Aria Automation Orchestrator 8.18.1, the Control Center is no longer available. Please refer to the Techdocs to manage Automation Orchestrator certificates and add the new Aria Automation certificate to the Trust Store.
- After completing the certificate import, perform an inventory sync on the vRA environment to ensure the new certificate is actively in use.
Feedback
Yes
No
Powered by
