Bundle Downloads Fail with 403 Forbidden Error from dl.broadcom.com:443
search cancel

Bundle Downloads Fail with 403 Forbidden Error from dl.broadcom.com:443

book

Article ID: 420374

calendar_today

Updated On:

Products

VMware SDDC Manager

Issue/Introduction

  • Attempts to download bundles (e.g., ESXi, vCenter, NSX) using SDDC Manager Lifecycle Management for a VMware Cloud Foundation (VCF) upgrade fail.
  • The SDDC Manager UI and logs report the following error: BundleDownloadFailureException: Error [403] downloading bundle [/COMP/...] from dl.broadcom.com:443. Please retry download. 
  • The Repository Settings may incorrectly report the status as "Depot Connection Active".
  • vCenter downloads may also return: HTTPException: 500 Internal Server Error HTTP/1.1. Please retry download.

Environment

VMware Cloud Foundation (VCF) 9.x

VMware Cloud Foundation (VCF) 9.0.1.0

Cause

The 403 Forbidden status indicates an authorization failure. This occurs when the Broadcom Download Token configured in SDDC Manager is invalid, expired, or not associated with a Site ID that has active entitlements for the specific VCF product versions being downloaded.

Note: The "Depot Connection Active" status only confirms network connectivity (L3/L4) to dl.broadcom.com, not application-layer authorization (L7).

Resolution

To resolve this issue, generate a new token from an entitled Site ID and update the SDDC Manager credentials:

  1. Generate a New Token:
    • Log in to the Broadcom Support Portal.
    • Identify the Site ID with active entitlements for your VCF software.
    • Generate a new download token associated with that Site ID.
  2. Update SDDC Manager Credentials:
    • Log in to the SDDC Manager UI as vcfuser.
    • Navigate to Administration > Depot Settings.
    • Click Update Credentials, paste the new download token, and click Save.
  3. Verify and Retry:
    • Confirm the connection status is active: The SDDC Manager will re-test the connection. Ensure the connection status remains active and no further errors are reported.
    • Navigate to Lifecycle Management and retry the failed bundle download.

Additional Information

The "Depot Connection Active" status only verifies that the SDDC Manager can reach dl.broadcom.com:443 over the network (L3/L4 connectivity). The 403 Forbidden error verifies that the authorization phase (L7/Application Layer) failed due to invalid credentials (token).

VCF Authenticated Downloads Token Troubleshooting Guide

Powered by Wolken Software