[HCX] Site Pairing creation to a VMware Cloud Director target fails with error "Cannot authenticate using provided credentials"
search cancel

[HCX] Site Pairing creation to a VMware Cloud Director target fails with error "Cannot authenticate using provided credentials"

book

Article ID: 398525

calendar_today

Updated On:

Products

VMware HCX

Issue/Introduction

  • You are configuring the HCX Connector from the source site and trying to create the Site Pairing to a VMware Cloud Director-managed private cloud site
  • The credentials are valid and allow login to the remote VMware Cloud Director service in the correct Org
  • The connectivity between the HCX Connector and the VCD site HCX Cloud Manager is open on TCP port 443
  • The remote VCD HCX Cloud Manager's certificate and the VCD's CA certificate have both been imported into the trusted certificates of the source site's HCX Connector per our documented process
  • The Site Pairing creation fails with error "Cannot authenticate using provided credentials"

Environment

HCX

VMware Cloud Director

Cause

In some circumstances the HCX Cloud Manager Service may not have been fully added to the VCD's inventory of the Org used for the intended pairing, causing VCD to reject the authentication attempt from the Cloud Manager despite valid credentials.

In the Cloud Manager's logs from /common/logs/admin/web.log for each failed attempt, you can find lines such as:

2025-05-21 14:10:45.477 UTC [https-jsse-nio-8443-exec-1, , , TxId: ] INFO  c.v.v.h.a.AccessTokenRestController- Received session-info {"organizations":["<ORG ID>"],"currentOrg":{"name":"<ORG name>","href":"https:\/\/<VCD FQDN>\/api\/org\/<ORG ID>","uuid":"<ORG ID>"},"userName":"<account>","roles":["Organization Administrator"],"rights":[]}
2025-05-21 14:10:45.495 UTC [https-jsse-nio-8443-exec-1, , , TxId: ] ERROR c.v.v.h.a.HybridityAuthenticationEntryPoint- AuthenticationEntryPoint - got AuthenticationException
org.springframework.security.authentication.BadCredentialsException: Org <ORG ID> not synced to inventory. Please check if this Org is filtered in ApplianceConfig

Resolution

From the remote HCX Cloud Manager's system console on port 9443:

  1. remove the VCD provider settings: VCD URL and service account credentials
  2. from the Appliance Summary pane, stop then start again each of the HCX Services
  3. add the VCD provider parameters again to the HCX system's configuration

Then from the source site's HCX UI, proceed with creating the Site Pairing

Additional Information

If the resolution method fails to resolve this issue, please open a support case with Broadcom Support and refer to this KB article.

For more information, see Creating and managing Broadcom support cases.

Please Gather Technical Support Logs for both HCX on-prem/Cloud and include the database.

Powered by Wolken Software