Error: "A general system error occurred: A depot is inaccessible or has invalid contents. Make sure an official depot source is used and verify connection to the depot" when trying to sync updates in Lifecycle Manager
search cancel

Error: "A general system error occurred: A depot is inaccessible or has invalid contents. Make sure an official depot source is used and verify connection to the depot" when trying to sync updates in Lifecycle Manager

book

Article ID: 420777

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • Certificates are renewed for the appliance of custom depots
  • Syncing updates gives an error:  
    A general system error occurred: A depot is inaccessible or has invalid contents. Make sure an official depot source is used and verify connection to the depot.

  • Errors are seen in /var/log/vmware/vmware-updatemgr/vum-server/vmware-vum-server.log

    Failed to validate depots: https://###-###-#######.#######.###:3512/static/v
sphere-web-client/#######/HPE-703.0.0.10.13.0.12-###-Addon-depot/index.xml, https://###-###-#######.#######.###:3512/static/v
sphere-web-client/#######/HPE-703.0.0.10.13.0.12-###-Addon-depot/index.xm, https://###-###-#######.#######.###:3512/static/v
sphere-web-client/#######/HPE-703.0.0.10.13.0.12-###-Addon-depot/index.xm
    error vmware-vum-server[12973] [Originator@6876 sub=com.vmware.vcIntegrity.lifecycle.SyncDepotsTask] [SyncDepotsTask 221] Failed to sync depots. Merged depot content is invalid: Error:
-->    com.vmware.vapi.std.errors.error
--> Messages:
-->    com.vmware.vcIntegrity.lifecycle.depotContent.ValidationError<A depot is inaccessible or has invalid contents. Make sure an official depot source is used and verify connection to the depot.>
-->
  • Environment consists of both Broadcom and custom URLs, as below

 

Environment

VMware vCenter Server 8.0.X

VMware vCenter Server 7.0.X

Cause

  • Stale certificate in TRUSTED_ROOTS store
    • You have replaced certificates for the appliance and the new root certificate was presented to the vCenter
    • The old certificate was present in the environment as well and instead of validating with the new certificate, validation was done with the old certificate 

Resolution

  1. Disable all URLs 
  2. Enable Broadcom URLs only
  3. Confirm the updates are syncing for Broadcom URLs
  4. Once the above is confirmed, add custom URLs
  5. Once confirmed the custom URLs are failing proceed with next steps
  6. Take appropriate snapshots of the vCenter, offline snapshots in vCenter is in ELM, and online snapshots if the vCenter is standalone. Read more at Snapshot Best practices for vCenter Server Virtual Machines
  7. Unpublish old certificate. Read more at Verify and remove CA Certificates from the TRUSTED_ROOTS store in the VMware Endpoint Certificate Store(VECS)
  8. Retry the sync updates
Powered by Wolken Software