"Could not find the component certificate. Use Fleet Management --> Certificates to either add or replace the component certificate" error when adding nodes to VCF Operations
search cancel

"Could not find the component certificate. Use Fleet Management --> Certificates to either add or replace the component certificate" error when adding nodes to VCF Operations

book

Article ID: 432924

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

  • Attempting to expand a VCF Operations  cluster by adding nodes, the task fails at Stage 3.

  • The Add Nodes wizard stops at Stage 3 with the warning: "Could not find the component certificate. Use Fleet Management --> Certificates to either add or replace the component certificate".

  • Navigating to Fleet Management > Certificates shows an empty page for the VCF Operations component.

  • Output of the below SQL query from Fleet Manager displays null key value 

Environment

VCF Operations 9.x

Cause

The issue is caused by a data inconsistency in the Fleet Manager database. Specifically, the certificate assigned to the VCF Operations cluster nodes contains a null key value in the vm_locker_certificate table within the vrlcm database. Because the key is null, the UI fails to populate the certificate details, and the Add Nodes workflow cannot validate the security chain required to deploy new nodes.

Resolution

To resolve this issue, you must generate a new certificate and re-associate it with the component to repair the database entry.

  1. Generate a New Certificate:

    • During the 'Add Nodes' wizard for the operations component, at Stage 3, select Add Certificate.

    • Select 'Create Certificate' and provide a unique alias (e.g., vcf-ops-new-cert). Complete the generation.

  2. Identify Current Alias:

    • Navigate to Fleet Manager > Lifecycle > Component > Component Details.

    • Note the existing certificate alias currently associated with the cluster.

  3. Enable Fleet Manager UI Access:

    • Follow step 1under resolution section in Broadcom KB 431240 to enable the full Fleet Manager UI.

  4. Replace Certificate in Locker:

    • Access the Locker services within Fleet Manager.

    • Locate the certificate alias identified in Step 2.

    • Click the three-dot menu next to that alias and select Replace.

    • Choose the new certificate alias created in Step 1.

  5. Synchronize Inventory:

    • Navigate to VCF Operations > Fleet Manager > Lifecycle > Operations.

    • Trigger an Inventory Sync to ensure the database and UI are aligned with the new certificate metadata.

  6. Resume Task:

    • Restart the Add Nodes wizard. The certificate should now be recognized at Stage 3.

Powered by Wolken Software