vCenter Server not visible in Enhanced Linked Mode due to expired Machine SSL certificate
search cancel

vCenter Server not visible in Enhanced Linked Mode due to expired Machine SSL certificate

book

Article ID: 411400

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • One or more vCenter Servers fail to appear in the Enhanced Linked Mode (ELM) configuration, where other vCenter Servers may be visible.
  • A check the affected vCenter Server finds multiple critical services are stopped and failing to start, such as:
    vmware-certificatemanagement, vmware-vpxd-svcs, vmware-topologysvc, vmware-vsan-health, vmware-hvc, vmware-sps, and vstats.

Additional symptoms reported:

  • VM lost connectivity to cluster
  • ELM Not Working for 1 vCenter
  • Service restart, reboot vm, restart individual services not remediating initial issue

Environment

  • VMware vCenter Server 7.0
  • VMware vCenter Server 8.0

Cause

 

This occurs when the vCenter Server's Machine SSL certificate expires, preventing the vCenter from participating in the ELM federation and causing dependent services to fail during startup. The impact prevents centralized management of the vSphere environment through Enhanced Linked Mode.

Resolution

  1. Run the vCert tool following the instructions at: vCert - Scripted vCenter Expired Certificate Replacement

  2. Select option 2 - "Replace expired vCenter certificate(s)"

  3. Select option 1 - "Replace only the Machine SSL certificate with VMCA signed certificate"

  4. Enter the SSO administrator password when prompted.

  5. Allow the tool to complete the certificate replacement and service restart.

  6. Verify the vCenter Server is now visible in Enhanced Linked Mode.
Powered by Wolken Software