HTTP 500 Error When Importing/Updating Private Key using script into VCF Operations Instance
Article ID: 419004
Updated On:
Products
VCF Operations
Issue/Introduction
While following VCF 9.0 Licensing - Critical Infrastructure Customers documentation to upload a license file in the VCF Operations environment, the key import/update process fails.
During the step "Import or Update a Private Key into a VCF Operations Instance", the documented script sends the request to the following endpoint:
https://$hostname/suite-api/internal/extension/vcf-license-cloud-integration/identity/keypairThis API call returns an HTTP 500 Internal Server Error:
{"type":"Error","message":"Failed to get update the key pair for critical infra",
"moreInformation":[{"name":"errorMessage","value":"Failed to get update the key pair for critical infra"}],
"httpStatusCode":500,"apiErrorCode":#####}
Environment
VCF Operations 9.x
Cause
The documented API endpoint used for importing/updating the private key is outdated for the target VCF Operations version.
The API endpoint:
The API endpoint:
/suite-api/internal/extension/vcf-license-cloud-integration/identity/keypairfails with a 500 error because the VCF Operations service no longer handles keypair updates through this path.
Additionally, although the documentation states that a standard PEM file containing only the private key is required (BEGIN PRIVATE KEY), the successful upload required the key file to be in a specific PEM format.
Resolution
- Use the correct API endpoint for key import
Instead of the documented URL, use the following endpoint available in the VCF Operations Swagger UI (https://<VCF_OPS_FQDN)/suite-api/doc/swagger-ui.html) :
Instead of the documented URL, use the following endpoint available in the VCF Operations Swagger UI (https://<VCF_OPS_FQDN)/suite-api/doc/swagger-ui.html) :
https://$hostname/suite-api/internal/license-manager/identity/keypair Using this endpoint allows the private key import to proceed successfully.
- Ensure the private key follows the required PEM format
Although a standard PEM private key file was initially used, the VCF Operations service required the key to be provided in the following PEM structure to include both private and public key.
-----BEGIN PRIVATE KEY-----
<private key>
-----END PRIVATE KEY-----
-----BEGIN PUBLIC KEY-----
<public key>
-----END PUBLIC KEY------ Re-run the private key import/update using the updated API endpoint and correct PEM key format.
After making these changes, the key import completes successfully without returning HTTP 500 errors.
Additional Information
Feedback
Yes
No
Powered by
