During VIDM Certificate Replacement, the process fails at Stage 7, displaying the error message LCMVRAVACONFIG90027. This indicates Aria Suite Lifecycle is unable to establish a ssh connection with Aria Automation during the certificate replacement process.

You see the following snippets in the Aria Suite Lifecycle log location /var/log/vrlcm/vmware_vrlcm.log

INFO vrlcm[1253] [pool-3-thread-27] [c.v.v.l.p.a.s.Task]  -- Injecting task failure event. Error Code : 'LCMVRAVACONFIG90027', Retry : 'true', Causing Properties : '{ CAUSE :: cafeHostNamePrimary === cafeRootPasswordPrimary [REDACTED_PASSWORD] }'
com.vmware.vrealize.lcm.util.exception.SshAuthenticationFailureException: Cannot execute SSH commands on hostname [REDACTED_HOSTNAME]. Verify the SSH login credentials.
        at com.vmware.vrealize.lcm.drivers.vra80.helpers.VraPreludeInstallHelper.runCommandOnVra(VraPreludeInstallHelper.java:148) ~[vmlcm-vrapreludeplugin-driver-8.18.0-SNAPSHOT.jar!/:?]
        at com.vmware.vrealize.lcm.drivers.vra80.helpers.VraPreludeInstallHelper.runCommandOnVra(VraPreludeInstallHelper.java:125) ~[vmlcm-vrapreludeplugin-driver-8.18.0-SNAPSHOT.jar!/:?]
        at com.vmware.vrealize.lcm.drivers.vra80.helpers.VraPreludeInstallHelper.runCommandOnVra(VraPreludeInstallHelper.java:121) ~[vmlcm-vrapreludeplugin-driver-8.18.0-SNAPSHOT.jar!/:?]
        at com.vmware.vrealize.lcm.plugin.core.vra80.task.VraVaImportEnvironmentTask.execute(VraVaImportEnvironmentTask.java:138) [vmlcm-vrapreludeplugin-core-8.18.0-SNAPSHOT.jar!/:?]
        at com.vmware.vrealize.lcm.automata.core.TaskThread.run(TaskThread.java:62) [vmlcm-engineservice-core-8.18.0-SNAPSHOT.jar!/:?]
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [?:?]
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [?:?]
        at java.base/java.lang.Thread.run(Unknown Source) [?:?]

VMware Identity Manager (VIDM) 3.3.x

Aria Suite Lifecycle 8.x

Aria Automation 8.x

Upon retrying you can notice Aria Suite was attempting to establish an SSH connection using an outdated or incorrect password, leading to authentication failure and consequently, the stoppage of the VIDM certificate replacement process at Stage 7. The LCMVRAVACONFIG90027 error is a generic indicator of a configuration issue, and in this specific scenario, the root cause was the stale SSH credentials.

To resolve this issue, update the SSH password used by Aria Suite with the correct, current password and then retry the failed certificate replacement request.

Steps: Remediating passwords updated outside of VMware Aria Suite Lifecycle 

Expected Outcome:

After the password update and retry, the VIDM certificate replacement process should complete successfully without encountering the LCMVRAVACONFIG90027 error at Stage 7.