Cannot generate token when using OBTU uploading manifest to SDDC LCM
search cancel

Cannot generate token when using OBTU uploading manifest to SDDC LCM

book

Article ID: 391696

calendar_today

Updated On: 03-24-2025

Products

VMware SDDC Manager

Issue/Introduction

- The error output while uploading manifest file to SDDC LCM

[YYYY-MM-DDTHH:MM:SS] [main] ERROR [com.vmware.evo.sddc.lcm.tools.common.adapter.impl.CompatibilityUploadApiAdapterImpl]
                      Failed to upload the compatibility metadata file in /nfs/vmware/vcf/nfs-mount/vcf521/Compatibility for VMWARE_COMPAT to LCM: Could not generate token
[YYYY-MM-DDTHH:MM:SS] [main] DEBUG [com.vmware.evo.sddc.lcm.tools.bundletransfer.BundleTransferUtilityUploader]
                      Exception when updating VvsMetadata 
com.vmware.evo.sddc.lcm.model.error.LcmException: Failed to upload compatibility data from /nfs/vmware/vcf/nfs-mount/vcf521/Compatibility to LCM.
 at com.vmware.evo.sddc.lcm.tools.common.adapter.impl.CompatibilityUploadApiAdapterImpl.uploadCompatibilityMetadataFileToLCM(CompatibilityUploadApiAdapterImpl.java:181)
 at com.vmware.evo.sddc.lcm.tools.bundletransfer.BundleTransferUtilityUploader.updateCompatibilityData(BundleTransferUtilityUploader.java:913)
 at com.vmware.evo.sddc.lcm.tools.bundletransfer.BundleTransferUtilityHelper.updateVmwareCompatibilityMetadata(BundleTransferUtilityHelper.java:2736)
 at com.vmware.evo.sddc.lcm.tools.bundletransfer.BundleTransferUtility.uploadCompatibilityMatrices(BundleTransferUtility.java:1776)
 at com.vmware.evo.sddc.lcm.tools.bundletransfer.BundleTransferUtility.process(BundleTransferUtility.java:1332)
 at com.vmware.evo.sddc.lcm.tools.bundletransfer.BundleTransferUtility.parse(BundleTransferUtility.java:219)
 at com.vmware.evo.sddc.lcm.tools.bundletransfer.BundleTransferUtility.main(BundleTransferUtility.java:2361)
 at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
 at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
 at java.base/java.lang.reflect.Method.invoke(Unknown Source)
 at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:49)
 at org.springframework.boot.loader.Launcher.launch(Launcher.java:95)
 at org.springframework.boot.loader.Launcher.launch(Launcher.java:58)
 at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:65)
Caused by: java.lang.RuntimeException: Could not generate token
 at com.vmware.evo.sddc.lcm.tools.common.adapter.TokenDependent.getToken(TokenDependent.java:87)
 at com.vmware.evo.sddc.lcm.tools.common.adapter.impl.CompatibilityUploadApiAdapterImpl.setAuthToken(CompatibilityUploadApiAdapterImpl.java:207)
 at com.vmware.evo.sddc.lcm.tools.common.adapter.impl.CompatibilityUploadApiAdapterImpl.uploadCompatibilityMetadataFileToLCM(CompatibilityUploadApiAdapterImpl.java:89)

- Check OBTU log"

[YYYY-MM-DDTHH:MM:SS] [main] DEBUG [com.vmware.evo.sddc.lcm.tools.common.adapter.TokenDependent]
                      Failed to create token. Will retry after 30 seconds
[YYYY-MM-DDTHH:MM:SS] [main] DEBUG [com.vmware.evo.sddc.lcm.tools.common.adapter.TokenDependent]
                      Exception while creating token - 
[YYYY-MM-DDTHH:MM:SS] [main] DEBUG [com.vmware.evo.sddc.lcm.tools.common.adapter.TokenDependent]
                      Failed to create token. Will retry after 30 seconds
[YYYY-MM-DDTHH:MM:SS] [main] DEBUG [com.vmware.evo.sddc.lcm.tools.common.adapter.TokenDependent]
                      Exception while creating token - 
[YYYY-MM-DDTHH:MM:SS] [main] ERROR [com.vmware.evo.sddc.lcm.tools.common.adapter.TokenDependent]
                      Failed to generate token
java.lang.Exception: Unable to create token after 8 retries.
	at com.vmware.evo.sddc.lcm.tools.common.adapter.TokenDependent.createToken(TokenDependent.java:114)
	at com.vmware.evo.sddc.lcm.tools.common.adapter.TokenDependent.getToken(TokenDependent.java:81)
	at com.vmware.evo.sddc.lcm.tools.common.adapter.impl.ProductVersionCatalogApiAdapterImpl.uploadProductVersionCatalog(ProductVersionCatalogApiAdapterImpl.java:55)
	at com.vmware.evo.sddc.lcm.tools.bundletransfer.BundleTransferUtilityUploader.uploadProductVersionCatalog(BundleTransferUtilityUploader.java:882)
	at com.vmware.evo.sddc.lcm.tools.bundletransfer.BundleTransferUtilityHelper.uploadProductVersionCatalog(BundleTransferUtilityHelper.java:2332)
	at com.vmware.evo.sddc.lcm.tools.bundletransfer.BundleTransferUtility.uploadProductVersionCatalog(BundleTransferUtility.java:2233)
	at com.vmware.evo.sddc.lcm.tools.bundletransfer.BundleTransferUtility.process(BundleTransferUtility.java:1271)
	at com.vmware.evo.sddc.lcm.tools.bundletransfer.BundleTransferUtility.parse(BundleTransferUtility.java:219)
	at com.vmware.evo.sddc.lcm.tools.bundletransfer.BundleTransferUtility.main(BundleTransferUtility.java:2361)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.base/java.lang.reflect.Method.invoke(Unknown Source)
	at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:49)
	at org.springframework.boot.loader.Launcher.launch(Launcher.java:95)
	at org.springframework.boot.loader.Launcher.launch(Launcher.java:58)
	at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:65)
[YYYY-MM-DDTHH:MM:SS] [main] ERROR [com.vmware.evo.sddc.lcm.tools.bundletransfer.BundleTransferUtilityUploader]
                      Exception occurred uploading product version catalog.

Environment

VMware SDDC Manager 5.x

Cause

- The missing "Subject Alternative Name" in the SDDC Manager's certificate causes OBTU to be unable to communicate with SDDC.

Resolution

- Check the SDDC Certificate 

1.  # openssl s_client -connect localhost:443

2. Copy the part of certificate to a single .csr file 

3. Read the .crt file to check if there are "Subject Alternative Name" in it 
# openssl x509 -noout -text -in sddc.crt 

- The output should be like

        X509v3 extensions:
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Subject Alternative Name:    <--------------
                DNS:<SDDC FQDN>    <--------------

- If no Subject Alternative Name is found, please follow the KB#336778 to replace the SDDC again.