ERROR: The remote host certificate has these problems: self signed certificate in certificate chain
search cancel

ERROR: The remote host certificate has these problems: self signed certificate in certificate chain

book

Article ID: 416120

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • In vCenter's LCM page, an error is produced at the top that says 'Unexpected error, see logs for details'
  • vCenter machine certificates have been recently rotated
  • Checking the vmware-vum-server.log, you see an error such as:

YYYY-MM-DDThh:mm:ss.nnnZ error vmware-vum-server[#####] [Originator@#### sub=IO.Http] User agent failed to send request; (null), N7Vmacore3Ssl18SSLVerifyExceptionE(SSL Exception: Verification parameters:
--> PeerThumbprint: ##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:A8:23
--> ExpectedThumbprint: ##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:39:97
--> ExpectedPeerName: <FQDN>
--> The remote host certificate has these problems:
-->
--> * self signed certificate in certificate chain)

Environment

7.x

Cause

Solution User certificates require rotation.

Resolution

Use the vCert.py script, available in KB vCert - Scripted vCenter expired certificate replacement, to replace the Solution User certificates.

  1. Option 3 to manage certificates
  2. Option 2 to update the Solution User certificates.
  3. Option 1 to use the default self-signed certificates (Custom CA certs are not recommended for these certs).
Powered by Wolken Software