• HCX Site Pairing is down and it shows the below error message :
  PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  
  
  
• The HCX Site Pairing is configured using FQDN address in the "Remote HCX URL" field.
• Confirm that you have no site pairing connectivity issues
  
  
• You would observe the following log entries in the HCX Manager  : /common/logs/admin/web.log
  

  <timestamps> UTC [https-jsse-nio-127.0.0.1-8443-exec-6, Ent: HybridityAdmin, , TxId: TxId: ####-####] ERROR c.v.v.h.api.registration.CloudConfig- Unable to update site-pair: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  com.vmware.vchs.hybridity.adapters.https.UntrustedCertificateException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

VMware HCX
HCX deployed on VMware Cloud on AWS

The HCX Manager certificate at the Cloud (Target) site was recently updated or replaced. As a result, site pairing is disrupted because the Source HCX Manager is not aware of the updated certificate.

• If the Site Pairing is down, configuration workflows will fail and no migrations can be scheduled from HCX Connector or source Cloud Manager. Existing Network Extension services will remain active indefinitely but no configuration changes can be made on those, except for "unstretch", which can be forced from the target HCX Cloud Manager's side.
• HCX Site Pairing Connectivity Diagnostics
• HCX Site Pairing is disconnected post certificate renewal on Target HCX Cloud