Replacing certificate for VxRail Manager from SDDC Manager fails with error "Failed to replace certificate for <VxRail_Manager_FQDN> due to: Unable to update VxRail Manager certificate".
search cancel

Replacing certificate for VxRail Manager from SDDC Manager fails with error "Failed to replace certificate for <VxRail_Manager_FQDN> due to: Unable to update VxRail Manager certificate".

book

Article ID: 427547

calendar_today

Updated On:

Products

VMware SDDC Manager / VCF Installer

Issue/Introduction

  • The certificate replacement process for VxRail Manager via SDDC Manager fails with the following error: "Failed to replace certificate for <VxRail_Manager_FQDN> due to: Unable to update VxRail Manager certificate".

  • On SDDC Manager, in /var/log/vmware/vcf/operationsmanager/operationsmanager.log:

    YYYY-DD-MMTHH:MM:SS INFO  [vcf_om,############,c###] [c.v.v.secure.http.HttpClientService,om-exec-25] Response Body: { "code": "
    ######", "message": "The server failed to complete the request due to internal error. Try again later. {'message': 'Failed to connect to vCenter None', 'locations': [{'line': 2, 'column': 3}], 'path': ['cluster']}" }
    YYYY-DD-MMTHH:MM:SS INFO  [vcf_om,############,c###] [c.v.e.s.c.v.VxRailManagerService,om-exec-25] VxRail Manager response status is 500 and response message is { "code": "######", "message": "The server failed to complete the request due to internal error. Try again later. {'message': 'Failed to connect to vCenter None', 'locations': [{'line': 2, 'column': 3}], 'path': ['cluster']}" } for api /rest/vxm/v2/certificates/import-vxm
    YYYY-DD-MMTHH:MM:SS ERROR [vcf_om,############,c###] [c.v.e.s.c.v.VxRailManagerService,om-exec-25] Import Certificates request failed with status 500
    YYYY-DD-MMTHH:MM:SS ERROR [vcf_om,############,c###] [c.v.v.c.v.VxRailCertificatePluginService,om-exec-25] Failed to replace VxRail: <VxRail_Manager_FQDN> certificate.

Environment

VCF 5.x

Cause

  • The error message in the logs indicates that the SDDC Manager successfully reached the VxRail Manager endpoint and initiated the /rest/vxm/v2/certificates/import-vxm API call. However, the VxRail Manager appliance sent an HTTP 500 response, indicating the request was received but could not be processed.
  • The log entry ''message': 'Failed to connect to vCenter None'' indicates issues with the VxRail Manager and vCenter Server connectivity. 

Resolution

  1. Run the command below on the SDDC Manager to verify VxRail Manager and vCenter Server connection state:
    curl -v -k -X GET -u "administrator@<sso_domain>:password" "https://<VxRail_Manager_FQDN>/rest/vxm/v1/vc/mode"

  2. Reach out to DELL VxRail Support to investigate the communication issues between the vCenter Server and the VxRail Manager.
Powered by Wolken Software