After replacing certificates with Microsoft CA, type is showing "External CA" and Auto-renewal showing "Not supported"

search cancel

After replacing certificates with Microsoft CA, type is showing "External CA" and Auto-renewal showing "Not supported"

book

Article ID: 410412

calendar_today

Updated On:

Products

VMware SDDC Manager

Issue/Introduction

After replacing certificates for components under the VCF Instance in VCF Operations with a Microsoft CA certificate shows the certificate type as "External CA"
Auto renewal column is showing "Not Supported"

Environment

VCF Operations 9.x

VMware Cloud Foundation 9.x

Cause

The is a current limitation with the Microsoft CA integration in SDDC Manager. If windows authentication is enabled, Microsoft CA blocks access which can affect the auto-renewal process.

Resolution

Windows Authentication needs to be disabled and Basic authentication needs to be enabled as this is required by SDDC Manager. See Configure the Microsoft Certificate Authority for Basic Authentication.

Engineering is working on allowing more authentication types for SDDC Manager.

Workaround:

Manually renew the certificates in the VCF Operations before the component certificate expires.

Feedback

thumb_up Yes

thumb_down No