• Fleet Management Lifecycle prechecks reporting the following error:
  
  vCenter to SDDC Manager time difference (Make sure vCenter and SDDC Manager system times are within 45.0 seconds difference)."


  
  
  
• There is no time difference reported between the vCenter and the SDDC Manager and the NTP SOS report is healthy 
• On the SDDC-M we noticing the following errors:
  
  /var/log/vmware/vcf/operationsmanager/operationsmanager.log
  
  yyyy-mm-ddThh:mm:ss.zzz+0000 DEBUG [vcf_om,<task_id>] [c.v.v.b.p.updaters.PropertyUpdater,pool-2-thread-15] Executing updater method getSddcManagerSystemTime of updater VcSddcManagerUpdater, updaterInfo is 
{"entityType":"VcManager","entityName":"<VC_FQDN>","propertyName":"sddcManagerEpochSystemTime","isMandatory":true}
..
yyyy-mm-ddThh:mm:ss.zzz+0000 ERROR [vcf_om,<task_id>] [c.v.v.b.p.updaters.PropertyUpdater,pool-2-thread-15] Failed to execute updater method getSddcManagerSystemTime on entity <VC_FQDN> of type VcManager from <VC_FQDN> due to an exception {}
java.util.concurrent.ExecutionException: java.lang.reflect.InvocationTargetException
Caused by: java.lang.reflect.InvocationTargetException: null
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:569)
        at org.apache.commons.lang3.reflect.MethodUtils.invokeMethod(MethodUtils.java:842)
        at org.apache.commons.lang3.reflect.MethodUtils.invokeMethod(MethodUtils.java:793)
        at com.vmware.vcf.baseliner.platform.updaters.PropertyUpdater.lambda$queryForProperties$0(PropertyUpdater.java:210)
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
        ... 3 common frames omitted
Caused by: org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://<SDDC_FQDN>/commonsvcs/about": Certificate for <SDDC_SHORTNAME> doesn't match any of the subject alternative names: [<SDDC_FQDN>]
        at org.springframework.web.client.RestTemplate.createResourceAccessException(RestTemplate.java:915)
        at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:895)
        at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:790)
        at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:672)
        at com.vmware.vcf.baseliner.helpers.HeadersRestHelper.getResponseHttpHeaders(HeadersRestHelper.java:61)
        at com.vmware.vcf.baseliner.sddcmgr.updaters.VcSddcManagerUpdater.getSddcManagerSystemTime(VcSddcManagerUpdater.java:73)
        ... 11 common frames omitted
Caused by: javax.net.ssl.SSLPeerUnverifiedException: Certificate for <SDDC_SHORTNAME> doesn't match any of the subject alternative names: [<SDDC_FQDN>]
..
yyyy-mm-ddThh:mm:ss.zzz+0000 ERROR [vcf_om,<task_id>] [c.v.v.b.p.t.v.v.ResourceStateValidator,pool-2-thread-15] Entity constraint validation with expression T(java.lang.Math).abs(vcEpochSystemTime
 - sddcManagerEpochSystemTime) < 45.0 * 1000 on entity with name <VC_FQDN> of type VcManager failed with exception
org.springframework.expression.spel.SpelEvaluationException: EL1008E: Property or field 'sddcManagerEpochSystemTime' cannot be found on object of type 'java.util.HashMap' - maybe not public or not valid?

VCF 9.0.x

The precheck workflow is unable to connect to the SDDC Manager appliance to retrieve the time thus giving a false positive.

The issue occurs because of a TLS verification problem related to the SDDC Manager certificate missing the hostname of the SDDC Manager FQDN in the SAN list.

Regenerate the SDDC manager certificate by including both the SDDC Manager FQDN and the hostname in the SAN list, i.e.

hostname.domain.com

hostname

Managing Certificates in VMware Cloud Foundation