'Error: Failed to validate use of selected JMX certificate: ERROR - Unable to establish SSL connection ....' while trying to replace self-signed certificates using the VMware Cloud Director UI portal.
search cancel

'Error: Failed to validate use of selected JMX certificate: ERROR - Unable to establish SSL connection ....' while trying to replace self-signed certificates using the VMware Cloud Director UI portal.

book

Article ID: 378987

calendar_today

Updated On:

Products

VMware Cloud Director

Issue/Introduction

  • You are trying to put the cell into maintenance mode for changing the self-singed certificates  using the documentation: View and Manage Your VMware Cloud Director Cell Infrastructure but you can see the task of putting the cell into maintenance mode gets queued and never finishes.

  • Even if the task does not finish you are trying to replace the self-signed certificates using the same documentation mentioned above via the VMware Cloud Director UI which fails with the error:
    Error: Failed to validate use of selected JMX certificate: ERROR - Unable to establish SSL connection: java.net.SocketTimeoutException: Read timed out
     

Environment

VMware Cloud Director 10.5.x.

Resolution

You need to follow the below steps for changing the certificates of each cell in VMware Cloud Director infrastructure.
 
  1. You need to put the cells into maintenance mode using the CLI of the individual cells. SSH to the individual cell you want to change the certificate for and use the bellow cell management tool command to put them to maintenance mode:

    cell-management-tool cell -i $(service vmware-vcd pid cell) --maintenance true

  2. After putting the cell into maintenance mode via the CLI, you have to open the VMware Cloud Director provider portal using the cell i.p address instead of the public FQDN. For example, access the VMware Cloud Director UI using the cell portal: https://<cell i.p address>/provider

  3. Click on the Cloud Cells page in the provider menu and then click the name of the cell of which you want to change the certificate.

  4. Click Endpoints Configuration and click Edit.

  5. In the Edit Endpoint Configuration dialog box, you need to click the Edit icon next to the web server SSL certificate or Java Management Extensions (JMX) SSL certificate and change the both the certificates or the necessary certificates you want to change.

  6. You can see the certificate of the individual cell has been changed successfully. 

  7. Replace the method for Step 1. to Step 6.  for all the cells in VMware Cloud Director infrastructure.

  8. After changing all the certificates of the cells, you can login via the FQDN of the VMware Cloud Director provider portal and you can see the certificate of the Public UI has been changed. 
Powered by Wolken Software