VCF Bring-up fails at "Deploy NSX Manager" stage
search cancel

VCF Bring-up fails at "Deploy NSX Manager" stage

book

Article ID: 406940

calendar_today

Updated On:

Products

VMware SDDC Manager VMware Cloud Foundation

Issue/Introduction

VCF Bring-up fails at "Deploy NSX Manager" stage where the hostnames are having single domain name label.



Environment

VCF 5.2

Cause

Incorrect hostname format (partially qualified domain i.e, PQDN) such as <hostname>.<domain> (single domain label)  is used which causes the bring-up workflow to fail due to SSL trust establishment issues.

 

Below log entries are found in  /var/log/vmware/vcf/bringup/vcf-bringup-debug.log 

2025-07-30T01:44:26.760+0000 [bringup,6889704ded814b0b782a08330078398f,49ee] DEBUG [c.v.v.c.n.s.c.c.ApiConnection,bringup-exec-10] Created ApiClient connection to: <NSX Manager Hostname>
2025-07-30T01:44:26.770+0000 [bringup,6889704ded814b0b782a08330078398f,49ee] ERROR [c.v.v.c.n.s.c.c.ComplexHelpers,bringup-exec-10] Exception occurred during NSX API invocation
java.util.concurrent.ExecutionException: com.vmware.vapi.client.exception.SslException: Certificate for <NSX Manager IP address> doesn't match any of the subject alternative names: [<NSX Manager IP address>]
        at java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:396)
        at java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:2073)
        at com.vmware.vapi.bindings.CompletionStageFuture.get(CompletionStageFuture.java:45)

Resolution

PQDN is not accepted by VCF. 

Use only FQDN that has two or more labels in the domain name. 

Additional Information

Valid hostname Format:  <hostname>.<subdomain>.<domain> / <hostname>.<subdomain>.<subdomain>.<domain>

Invalid hostname Format: <hostname>.<domain>

Powered by Wolken Software