Configure Certificate Authority for VCF Management fails with error, "Certificate authorities update failed"
search cancel

Configure Certificate Authority for VCF Management fails with error, "Certificate authorities update failed"

book

Article ID: 406901

calendar_today

Updated On:

Products

VMware Cloud Foundation VCF Operations

Issue/Introduction

  • The Configure Certificate Authority for VCF Management wizard displays "Certificate authorities update failed".

  • On the VCF operations appliance, the following log shows the error below /var/log/vrlcm/vmware_vrlcm.log:

    ERROR vrlcm[1321] [http-nio-8080-exec-9] [c.v.v.l.l.c.MSCARestClient]  -- Exception occurred while trying to validate Microsoft CA

    org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 Unauthorized: "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.local.org/T

    R/xhtml1/DTD/xhtml1-strict.dtd"><EOL><EOL><html xmlns="http://www.local.org/1999/xhtml"><EOL><EOL><head><EOL><EOL><meta http-equiv="Content-Type" content="text/html; cha

    rset=iso-8859-1"/><EOL><EOL><title>401 - Unauthorized: Access is denied due to invalid credentials.</title><EOL><EOL><style><E


  • You may also experience an API variable expansion failure if the password contains curly brackets { }. In this scenario, the /storage/log/vcops/log/vcops-bridge.log records the following error:

    ERROR vcfops-bridge 5105 [ops@4413 threadId="8010" threadName="ServerConnection on port 10000 Thread 13"] [com.vmware.vcops.bridge.server.vcf.certificate.task.VRSLCMRestManager.configureMSCA] - Exception occurred while configuring microsoft ca on VRSLCMNot enough variable values available to expand '[PARTIAL_PASSWORD]'

    If the service account password contains curly brackets { }, the API framework incorrectly interprets the brackets as an expandable variable instead of a literal string, which results in a parsing failure.

Environment

VCF  9.0

Cause

A known issue with special characters in the service account password

#, &, or curly brackets { }

Resolution

The issue will be resolved in a future VCF release

Reset the service account password and remove special characters (such as #, &, or curly brackets { }).

Additional Information

Troubleshooting Microsoft CA configuration failures in VCF Operations 9.0.x

Powered by Wolken Software