The vCenter server certificate reset failed after changing the vCenter Server IP address and FQDN through the vCenter Server Console
search cancel

The vCenter server certificate reset failed after changing the vCenter Server IP address and FQDN through the vCenter Server Console

book

Article ID: 414279

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

The vCenter Server services are not starting after changing the vCenter Server FQDN and IP through the DCUI .

service-control --status --all

Running:
 lwsmd vc-ws1a-broker vmafdd vmcad vmdird vmware-eam vmware-envoy vmware-envoy-hgw vmware-envoy-sidecar vmware-postgres-archiver vmware-rhttpproxy vmware-vmon vmware-vpostgres vtsdb
StartPending:
 lookupsvc
Stopped:
 applmgmt observability observability-vapi pschealth vlcm vmcam vmonapi vmware-analytics vmware-certificateauthority vmware-certificatemanagement vmware-cis-license vmware-content-library vmware-hvc vmware-imagebuilder vmware-infraprofile vmware-netdumper vmware-perfcharts vmware-pod vmware-rbd-watchdog vmware-sca vmware-sps vmware-stsd vmware-topologysvc vmware-trustmanagement vmware-updatemgr vmware-vapi-endpoint vmware-vcha vmware-vdtc vmware-vpxd vmware-vpxd-svcs vmware-vsan-health vmware-vsm vsphere-ui vstats wcp

Reviewing the vpxd-svc log, you see the VCenter Server pulling the old FQDN and trying to connect to it.

Environment

VMware vCenter Server 8.x

Cause

The vCenter Server IP and hostname were changed through the vCenter Server Console. This resulted in improper update of the vCenter Server Service registrations with the fully qualified domain name. As a result, some of the services failed to start, causing all processes, such as certificate reset, to fail.

NB: It is not supported to change the vCenter server hostname through the DCUI. This will not update vcenter Server registrations with the new FQDN, resulting in services not starting.

Review the following documentation on how to properly change the FQDN of vCenter Server:

https://blogs.vmware.com/cloud-foundation/2019/08/13/changing-your-vcenter-servers-fqdn/

Resolution

To resolve the issue, use a two-step process:

Use the console to change the IP address and DNS 

  • Access the direct console user interface and log in with root and root password
  • Execute the following command:/opt/vmware/share/vami/vami_config_net
  • Choose the option to edit the IP address and DNS, and default gateway

After the changes are made, start the service and connect to the VAMI to change the FQDN

  • Log in to the VAMI using root and root password
  • Click on Networking and edit
  • Change the ostnae to reflect the new FQDN
  • Next to enter the SSO credentials and password
  • Acknowledge and go next to finish
  • Verify that all the vcenter server services are up and connect to the vcenter server using the new EQDN
Powered by Wolken Software