Deployment of a vCenter Server Appliance (VCSA) fails during the VI Creation process. This issue is characterized by the following symptoms:

Validation Failures: The installer fails during the SSOExternal precheck or postvalidation phase.


Log Evidence (VCSAInstallLogger):


• In case the VI Creation is part of Joined ELM Ring:
  • 
Task 'Running precheck: SSOExternal' execution failed because [The deployment type is embedded vCSA and it can only point to another embedded vCSA.]
 
• In case the VI Creation is part of Isolated VC Deployment:

  • Exception: HTTPSConnectionPool(host='<IP>', port=5480): Max retries exceeded (caused by ProxyError('Unable to connect to proxy', OSError('Tunnel connection failed: 403 Tunnel or SSL Forbidden')))

• SDDC Manager Failure:
  • Orchestration tasks fail with error code DEPLOY_VC_FAILED during the DeployVcsa70OnVcAction task.

Silent API Failures: API calls to https://<mgmt-vc-ip>:5480/rest/vcenter/system-config/deployment-type do not appear in the target vCenter Management logs, indicating the request was intercepted before reaching the destination.


VCF 5.x, VCF 9.x

The proxy server configured in the environment is intercepting and blocking HTTPS requests directed at port 5480.

To resolve this issue, perform one of the following actions:


• Configure the environment’s proxy server to allow HTTPS traffic through port 5480.

• Disable proxy server when executing Create VI Workflow