Multiple vCenter services fail to start properly despite some services (such as vmware-vapi-endpoint) starting successfully. This occurs when the system hostname does not match the Primary Network ID (PNID) configuration in the vCenter Server.

• Multiple vCenter services fail to start, particularly vmware-vpxd
• The vCenter web interface may be inaccessible
• Certificate errors may appear in service logs
• Error messages about hostname or PNID mismatch may appear when using diagnostic tools

• VMware vCenter Server 7.0 and newer

The vCenter Server requires the system hostname to match the Primary Network ID (PNID) for proper communication between services and accurate certificate validation. When these values don't match, service dependencies fail to resolve correctly, leading to service startup failures.

Option 1: Using the vSphere Deployment Troubleshooting Tool (VDT)

1.  Run the VDT tool to identify hostname/PNID mismatch issues:
   

      python /usr/lib/vmware-vdt/vdt.py

      For more information about the VDT tool, see Using the VCF Diagnostic Tool for vSphere (VDT)
    
2. Manually verify the hostname and PNID mismatch:
   
   
   1. Check the current hostname:
      

         hostname

   2. Check the current PNID:
      

         /usr/lib/vmware-vmafd/bin/vmafd-cli get-pnid --server-name localhost

3. Access the VAMI interface via https://<vcenter-ip>:5480 and log in with the vCenter Server root account credentials
   
   
4. Navigate to Networking
   
   
5. In the hostname field, update the hostname to match the PNID value identified in Step 2b
   
   
6. Save the changes and allow the system to restart necessary services
   
   
7. If desired, after services have started successfully, change the hostname to the preferred value using the same VAMI interface
   
   

Option 2: When VAMI Network Settings Method Fails

In some cases, particularly when the hostname is set to "localhost" and the PNID is set to the vCenter IP address, the VAMI interface may not allow hostname changes. In this scenario:

1. Use the command-line utility to change the hostname to match the PNID:
   

      /opt/vmware/share/vami/vami_config_net

    
2. After changing the hostname, reissue all certificates using vCert utility:
   
   
   1. Download and install vCert following instructions in vCert - Scripted vCenter Expired Certificate Replacement
      
      
   2. Follow the vCert procedure to reissue all certificates
      
      
   3. The vCert tool will also update the VMware Directory Service (vmdir) lookupservice entries
      
      
3. Restart all vCenter services:
   

      service-control --restart --all

4. Verify that services have started successfully:
   

      service-control --status --all

• It's recommended to set up certificate expiration alerts to avoid related issues in the future
• The vami_config_net utility does not properly update certificates and vmdir lookupservice entries, which is why the vCert procedure is recommended when this utility must be used
• In environments where hostname is set to "localhost" or does not match PNID, certificate manager tools may report IP address mismatches when trying to regenerate certificates
• This issue is particularly common in environments where vCenter Server has been restored from backup or where hostname changes have been made outside of the recommended procedures