Running vCenters in enhanced linked mode ELM upon logging into vCenter UI only single vCenter is observed.

Users may experience API failure (API are not working Linked Virtual Center are not working)

In the vsphere_client_virgo.log located at /var/log/vmware/vsphere-ui/logs you see the following errors:

[0000-00-00T00:00:00.000Z] [ERROR] wcp-plugins-notifier-1        c.v.v.plugin.notification.WcpServicePluginNotificationsListener   Unable to subscribe to vcenter_fqdn (0000-0000-0000-0000-000000000000), nodeId:  java.util.concurrent.CompletionException: com.vmware.vcenter.apigw.security.AuthenticationException: Failed to log into [uri=http://localhost:1080/external-vecs/http2/vcenter_fqdn/443/apigw, sessionMgr=S
essionManagerInfo [_sessionMgrSvcId=com.vmware.cis.session, _loginOpId=create, _logoutOpId=delete], ssoDomain=vsphere.local(0000-0000-0000-0000-000000000000)]: com.vmware.vapi.std.errors.unauthenticated => {data=<unset>, error_type=U
NAUTHENTICATED, messages=[com.vmware.vapi.std.localizable_message => {args=[], default_message=This method requires authentication., localized=<unset>, id=vapi.method.authentication.required, params=<unset>}]}



[0000-00-00T00:00:00.000Z] [ERROR] plugin-vc-discovery-138       c.v.vise.vim.extension.vcservice.impl.VcAuthenticatorServiceImpl  Error creating VcService for https://vcenter_fqdn:443/sdk java.util.concurrent.ExecutionException:
 (vim.fault.InvalidLogin) {
   faultCause = null,
   faultMessage = null
}
        at java.util.concurrent.FutureTask.report(FutureTask.java:122)
        at java.util.concurrent.FutureTask.get(FutureTask.java:206)
        at com.vmware.vise.vim.commons.vcservice.impl.VcServiceImpl.processLogin(VcServiceImpl.java:1114)
        at com.vmware.vise.vim.commons.vcservice.impl.VcServiceImpl.doLogin(VcServiceImpl.java:969)
        at com.vmware.vise.vim.commons.vcservice.impl.VcServiceImpl.login(VcServiceImpl.java:959)
        at com.vmware.vise.vim.extension.vcservice.impl.VcAuthenticatorServiceImpl.loginToVc(VcAuthenticatorServiceImpl.java:87)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:234)
        at com.sun.proxy.$Proxy396.loginToVc(Unknown Source)
        at com.vmware.vise.plugin.discovery.VcSyncManager$1.run(VcSyncManager.java:141)
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180)
        at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
        at com.vmware.vise.util.concurrent.WorkerThreadFactory$1.run(WorkerThreadFactory.java:64)
        at java.lang.Thread.run(Thread.java:750)
Caused by: com.vmware.vim.binding.vim.fault.InvalidLogin: Cannot complete login due to an incorrect user name or password.

[0000-00-00T00:00:00.000Z] [ERROR] tp-nio-127.0.0.1-5090-exec-4 r0000361 ###### ###### com.vmware.identity.token.impl.SamlTokenImpl                      Signature validation failed javax.xml.crypto.dsig.XMLSignatureException: the keysele
ctor did not find a validation key

vCenter 8x

Issue with the shared STS certificate.

If VCHA is in use please destroy it before making changes.

1. Ensure vmdir is in normal mode on all linked vCenters:

   /usr/lib/vmware-vmdir/bin/vdcadmintool

2. Ensure replication is showing as healthy:

   /usr/lib/vmware-vmdir/bin/vdcrepadmin -f showpartnerstatus -h localhost -u administrator

3. Using the vCert script tool, Run the STS certificate replacement option on a single vCenter followed by restarting services and restart services on the partner nodes also.