Failed to configure Microsoft Certification Authority as VCF external Certificate Authority
search cancel

Failed to configure Microsoft Certification Authority as VCF external Certificate Authority

book

Article ID: 441839

calendar_today

Updated On:

Products

VMware SDDC Manager / VCF Installer

Issue/Introduction

  • Failed to configure the Microsoft CA certificate web enrollment service as external CA on VCF with error like "Unable to create CA. Reference token: XXXXXX":



  • In operationmanager.log, there is entry like below, which indicates that the certificate has expired.

    YYYY-MM-DDTHH:MM:SS DEBUG [vcf_om,xxxxxxxxxxxxxxxx,xxxx] [c.v.e.s.e.h.LocalizableRuntimeExceptionHandler,http-nio-127.0.0.1-xxxx-exec-x] Handler Error Response: {"errorCode":"CERTIFICATE_CA_CREATION_FAILED","arguments":[],"message":"Unable to create CA.","causes":[{"type":"com.vmware.vcf.certmgmt.common.exception.CertificateManagementException","message":"Certificate CN\<CN name> is valid from <Day> <Month> <Day> <Time> UTC <Year> to <Day> <Month> <Time> <Day> UTC <Year> only."}],"referenceToken":"<Same token code in previous point>"}

Environment

VMware Cloud Foundation 9.x

Cause

The certificate of Microsoft CA has expired.

Resolution

Need to refresh the certificate of Microsoft CA then configure VCF to connect to Microsoft CA again.

Powered by Wolken Software