Data Services Manager (DSM) fails to provision a database due to a long certificate bundle.
search cancel

Data Services Manager (DSM) fails to provision a database due to a long certificate bundle.

book

Article ID: 414993

calendar_today

Updated On:

Products

VMware Data Services Manager

Issue/Introduction

Provisioning a database from DSM may result in the following error:

 

"lastTransitionTime": "2025-10-10T09:45:04Z",
"message": "internal error creating kubernetes cluster: KubeadmControlPlane.controlplane.cluster.x-k8s.io \"instance\" is invalid: spec.kubeadmConfigSpec.preKubeadmCommands[11]: Too long: may not be more than 10240 bytes: error provisioning kubernetes cluster",

Environment

VMware Data Services Manager 9.0.1

Cause

When DSM is installed and registered with a vCenter Server instance, it downloads the trusted root CA certificates from https://<vcenter-server-url>/certs/download.zip .  

Sometimes this bundle can be very large as it can contain multiple certificates.  

When this bundle is then used by DSM to deploy database instances, it exceeds the maximum size allowed when configuring a workload cluster.

 

Resolution

 

1. Log into the DSM UI as a DSM Admin and navigate to Settings > Trusted Root Certificates.

  1. Identify the trusted root CA that was used to sign the vCenter Server that was registered with DSM.
  2. Extract this trusted root CA into PEM format.  Ensure that it is less than 10240 bytes.
  3. Click the update button under "vCenter Trusted Root Certificates" and provided this trusted root CA to DSM.

Powered by Wolken Software