push host-certificate
reports an internal error# push host-certificate <MGR IP> username <username> thumbprint <thumbprint>Password for API user:
% Push certificate failed: 'internal error'
#
VMware NSX
The push cli is not functioning correctly if NSX Manager admin username has been changed from default name.
This is a known issue.
To workaround this issue, the custom NSX Manager username must be changed back to admin.
1) Using a REST API client or curl get the full list of users
GET https://<NSX_MGR_IP>/api/v1/node/users/
{
...
.....
{
"full_name": "",
"last_password_change": 33,
"password_change_frequency": 90,
"password_reset_required": false,
"status": "ACTIVE",
"userid": 10000,
"username": "custom_admin_name"
},
...
]
}
2) Copy the block relating to the custom admin user above including the brackets.
Note the userid which will be needed for the next API command.
3) Update the username back to admin using the PUT API
PUT https://<NSX-IP>/api/v1/node/users/<User-ID>
PUT https://<NSX-IP>/api/v1/node/users/10000
BODY: {
"full_name": "",
"last_password_change": 33,
"password_change_frequency": 90,
"password_reset_required": false,
"status": "ACTIVE",
"userid": 10000,
"username": "admin"
<<<< username changed to admin }
NOTE: In the body above, the only change is the "username" to "admin", but all other parameters remain the same.
Once the cli has been run successfully, the same procedure can be used to revert back to the original username if desired.