NSX Upgrade Fails During Precheck Due to Expired NSX Manager Certificate

search cancel

NSX Upgrade Fails During Precheck Due to Expired NSX Manager Certificate

book

Article ID: 402720

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

The NSX upgrade fails during the precheck stage due to expired certificates on the NSX Manager, and the same behavior is observed even when the upgrade is initiated from the SDDC.

The failure occurs during the certificate validation precheck on the NSX Manager UI, resulting in the following error:

The certificate with id #.#.#.#.#.#.#.# failed to parse with error: null please delete (if unused) or replace this certificate prior to upgrading.

If the upgrade is initiated from the SDDC, the verification can be done by reviewing the LCM logs on the SDDC Manager: /var/log/vmware/vcf/lcm/lcm.log

Environment

VMware NSX

Cause

This is expected behavior, as the precheck validation fails due to the expiration of the NSX manager certificate.

Resolution

Generated the new certificate and replace the expired certificate using API call as per the document below and rerun the prechecks:

Replace Certificates 3.x

Replace Certificates 4.x

Feedback

thumb_up Yes

thumb_down No