• This article speaks about the error received on vcf brownfield environments regarding precheck failure

  fetching assessment ID failed. Failed to get information about the recent assessment runs. Reason: 'Validation of data source of type INTERNAL_MIXED_SDDC_MANAGER and address <SDDC-MGR_FQDN>.'. For more information look for <TOKEN_ID> in the operations manager log files

• On the var/log/vmware/vcf/operationsmanager/operationsmanager.log  we get the below SSL error

  ERROR [vcf_om,be1cbe4566cc42ec,f205] [c.v.v.b.h.SddcManagerJwtTokenHelper,http-nio-127.0.0.1-7300-exec-6] Query to SDDC Manager failed with: javax.net.ssl.SSLPeerUnverifiedException: Hostname SDDC-MGR_FQDN not verified:
  ERROR [vcf_om,be1cbe4566cc42ec,f205] [c.v.v.b.i.p.h.InternalMixedDatasourceHandler,http-nio-127.0.0.1-7300-exec-6] Failed to get sddc-manager info from datasource with address SDDC-MGR_FQDN
  ERROR [vcf_om,be1cbe4566cc42ec,f205] [c.v.e.s.e.h.LocalizableRuntimeExceptionHandler,http-nio-127.0.0.1-7300-exec-6] [####96] BASELINER_DATASOURCE_VALIDATION_FAILED Validation of data source of type INTERNAL_MIXED_SDDC_MANAGER and address SDDC-MGR_FQDN failed.

• On the var/log/vmware/vcf/domainmanager/domainmanager.log we see there is a difference between the SDDC-Manager hostname and address

  DEBUG [vcf_dm,679cfe8f140c14f3fc303eebb271ab63,dbc9] [c.v.e.s.o.c.c.ContractParamBuilder,dm-exec-17]  Contract task Generate input for initializing SDDC Brownfield result: {"vcenterId":"vcenter_id","vcenterEndpoint":{"address":"VC_FQDN","port":0,"username":"USERNAME@DOMAIN","password":"*****"},"vlcmClusterIds":["cluster_id"],"sddcManagerEndpoint":{"address":"sddc-mgr_shortname","port":0,"username":"user@local","password":"*****"},"sddcManagerController":{"id":"sddc-mgr-controller_id","status":"ACTIVE","version":"5.2.0.x","hostName":"SDDC-MGR_FQDN","privateIpAddress":"SDDC-MGR_IP","managementIpAddress":"SDDC-MGR_IP","domainId":"domain_id","vmName":"VCF-SDDC-Manager-Appliance-5.2.0.x"},"ssoName":"sso_name"}

• On the var/log/vmware/vcf/commonsvcs/vcf-commonsvcs.log we see difference between the FQDN for the SDDC manager and the common name (CN) in the certificate subject

  "sddcManagerController": { "domainId": "domain_id", "ipAddressPrivate": "SDDC-MGR_IP", "vmName": "VCF-SDDC-Manager-Appliance-5.2.0.x", "vmManagementIpAddress": "SDDC-MGR_IP", "vmHostname": "SDDC-MGR_FQDN", "status": "ACTIVE", "version": "5.2.0.x", "id": "sddc-mgr-controller_id" }
  
   Subject: CN=sddc-mgr_shortname, OU=VMware Engineering

VMware Cloud Foundation 5.2.0

The issue is caused when, while deploying the SDDC Manager, the short name for the SDDC-Manager has been used instead of the FQDN .This results in the system being misconfigured as SDDC-Manager Certificate is generated with the shortname and some APIs/Services are being invoked with the full FQDN.

This issue has been resolved in VCF 5.2.1 by verifying that the hostname matches the FQDN for the SDDC-Manager before proceeding with the deployment.

To workaround this issue, the below steps need to be followed:

1. Ensure the FQDN "SDDC-MGR_FQDN" is DNS resolve-able using nslookup
   1. Open a command prompt and run the below commands

      nslookup SDDC-MGR_FQDN
      nslookup SDDC-MGR_IP

2. Set the proper hostname on the SDDC-Manager
   1. SSH to SDDC Manager with vcf and su to root
   2. Run the below command

      /usr/bin/hostnamectl set-hostname SDDC-MGR_FQDN

3. Regenerate the SDDC-Manager certificates using cert management via UI or CLI - Refer Replacing SDDC certificates with VMCA