Deploying Aria Automation via LCM fails with error code LCMVRAVACONFIG590008
search cancel

Deploying Aria Automation via LCM fails with error code LCMVRAVACONFIG590008

book

Article ID: 411132

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite) VMware vRealize Suite Lifecycle Manager 8.x

Issue/Introduction

Aria Automation Deployment fails with error code: LCMVRAVACONFIG590008, 
Detailed error message: 

Failed to Set VMware Identity Manager HostName on VMware Aria Automation.
Failed to set vIDM Host on VMware Aria Automation VA : VIDM_FQDN

 

On LCM appliance, you see the below:

2025-09-18T06:09:18.738Z INFO vrlcm[1256] [pool-3-thread-41] [c.v.v.l.d.v.h.VraPreludeInstallHelper]  -- 
2025-09-18 06:07:07,301 [INFO] Fetching vIDM certificate info from VIDM_FQDN
2025-09-18 06:09:18,358 [ERROR] Exception while setting vidm.
Traceback (most recent call last):
  File "/opt/python-modules/vracli/commands/vidm.py", line 72, in set_handler
    cert, subject, thumb = util.fetch_remote_certificate_info(vidm_url.host, port)
  File "/opt/python-modules/vracli/util.py", line 46, in fetch_remote_certificate_info
    cert = ssl.get_server_certificate((host, port))
  File "/usr/lib/python3.10/ssl.py", line 1552, in get_server_certificate
    with create_connection(addr, timeout=timeout) as sock:
  File "/usr/lib/python3.10/socket.py", line 845, in create_connection
    raise err
  File "/usr/lib/python3.10/socket.py", line 833, in create_connection
    sock.connect(sa)
TimeoutError: [Errno 110] Connection timed out



Environment

Aria Automation 8.18.x

LCM 8.

Cause

LCM is unable to fetch certificate of VIDM.

Resolution

open ports 80, 443, 22 to VIDM, Aria Automation.

A detailed list of port requirements can be found in Aria Automation Documentation 

Additional Information

Here's a detailed overview of port requirements for LCM for a successful deployment, Management of VIDM, Aria Automation.  

Source  Destination Port(s) Protocol Purpose
User Aria Automation Appliance 443 TCP Access to the Aria Automation web interface.
User Aria Automation Load-Balanced VIP 443 TCP Access for users when a load balancer is in use.
User Aria Suite Lifecycle Appliance 443 TCP Access to the Lifecycle Manager interface.
User Identity Manager Appliance 443 TCP Communication with the Identity Manager.
Aria Automation Appliance Aria Automation Appliance (intra-cluster) 10250, 6443, 8285, 2379, 2380 TCP/UDP For internal Kubernetes (K8s) services and communication within the cluster.
Aria Automation Appliance Aria Automation Appliance (intra-cluster) 500, 4500 UDP For internal cluster communication.
Aria Automation Appliance ESXi Host 902 TCP For communication with the hypervisor.
Aria Automation Appliance Identity Manager Appliance 443 TCP For component communication with Identity Manager.
Aria Automation Appliance Load Balancer VIP 443 TCP To access the load balancer.
Aria Automation Appliance Health Monitor 8008 TCP Internal health checks.
Aria Suite Lifecycle Appliance Aria Automation Appliance 22, 443 TCP SSH and HTTPS for managing the Aria Automation Appliance.
Aria Suite Lifecycle Appliance Identity Manager Appliance 22, 443 TCP SSH and HTTPS for managing Identity Manager.
Identity Manager Appliance Aria Automation Appliance 22 TCP For SSH access.
Load Balancer Aria Automation Appliance 443, 8008 TCP Health monitoring and traffic distribution to the appliances.
Powered by Wolken Software