The user account under "user name" should be AD account with domain user membership, the below error message is for "local account".
/var/log/vmware/vcf/operationsmanager/operationsmanager.log:
<P ID=locPageTitle> <B> Error </B>
<!-- Green HR --><Table Border=0 CellSpacing=0 CellPadding=0 Width=100%><TR><TD BgColor=#008080><Img Src="certspc.gif" Alt="" Height=2 Width=1></TD></TR></Table>
<P ID=locReqFailed> Your request failed. An error occurred while the server was processing your request.
</P>
:
:
<DT ID=locComInfoLabel><Font Size=-1><B>COM Error Info:</B></Font></DT><DD>
CCertRequest::Submit: No mapping between account names and security IDs was done. 0x80070534 (WIN32: 1332 ERROR_NONE_MAPPED)
:
:
YYYY-MM-DDTHH:MM:SS.MSZ ERROR [vcf_om,670ee967896654fa352d25f8735623d5,4056] [c.v.v.c.s.o.i.CertificateOperationOrchestratorImpl,om-exec-11] Generate certificate operation failed for vcsa.example.com, Failed to fetch certificate from Microsoft CA with Invalid request found..
com.vmware.vcf.certmgmt.common.exception.CertificateManagementException: Failed to fetch certificate from Microsoft CA with Invalid request found..
at com.vmware.vcf.certmgmt.ca.plugin.MicrosoftCaService.fetchReqId(MicrosoftCaService.java:218)
at com.vmware.vcf.certmgmt.ca.plugin.MicrosoftCaService.generateSignedCertificate(MicrosoftCaService.java:243)
at com.vmware.vcf.certmgmt.ca.plugin.MicrosoftCaService.generateAndFetchCertificateChain(MicrosoftCaService.java:112)
at com.vmware.vcf.certmgmt.ca.plugin.MicrosoftCaPlugin.getCertificateChain(MicrosoftCaPlugin.java:40)
VMware Cloud Foundation 4.x
VMware Cloud Foundation 5.x
User name configured here is of type local. Per Assign Certificate Management Privileges to the SDDC Manager Service Account the user account should be an Active Directory with Domain Users membership.
Create a user account in Active Directory with Domain Users membership.