vCert displaying STS ConnectionStrings MISCONFIG
Article ID: 418319
Updated On:
Products
Issue/Introduction
STS displays a misconfigured connection string error:
Checking STS Server Configuration
-----------------------------------------------------------------
Checking VECS store configuration OK
Checking STS ConnectionStrings MISCONFIG
Cause
Incorrect / outdated STS connection strings can cause the erroneous certificate status indication.
Resolution
- Take powered off snapshots off all vCenter servers in ELM. VMware vCenter in Enhanced Linked Mode pre-changes snapshot (online or offline) best practice
- To validate, the vCert tool can be used. Download and upload the tool to vCenter Server. The script is executable by running the following commands:
# unzip -q vCert-6.1.0-20250910.zip
# cd vCert-6.1.0-20250910
# chmod +x vCert.py
# ./vCert.py
a. Option 1 to check current certificate status.
b. Current certificate status shows STS connectionStrings as MISCONFIG
c. Select option 3 Manage certificates
d. Select option 8 STS signing certificates
e. Select option 1
f. Enter "Y" to update the value
g. Enter "Y" to restart vCenter services.
Additional Information
For more information see: vCenter services vapi-endpoint and vpxd-svcs fail to start with "Unexpected status code: 404"
Feedback
