NSX-T Health Check Failure During SDDC Deployment Pre-Check Due to Compute Manager Certificate Thumbprint Mismatch
search cancel

NSX-T Health Check Failure During SDDC Deployment Pre-Check Due to Compute Manager Certificate Thumbprint Mismatch

book

Article ID: 442104

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

During the SDDC deployment pre-check stage, the following error is observed:

"Failed to run health checks for NSX-T on 'XXX_VCF_Management'"

Additional observations:

  • NSX-T health checks fail during deployment validation.
  • In the NSX Manager UI, the Compute Manager status appears as Down.
  • SDDC deployment workflow cannot proceed due to failed NSX validation checks.

Environment

VCF 9.x

Cause

The issue occurs because the certificate thumbprint stored in NSX Manager for the Compute Manager no longer matches the certificate currently presented by the Compute Manager.

This commonly occurs after:

  • vCenter Server certificate replacement
  • Certificate renewal
  • CA certificate changes
  • Compute Manager certificate regeneration

As a result, NSX-T cannot validate the Compute Manager connection and marks the connection status as Down.

Resolution

Resynchronize the Compute Manager connection in NSX-T to refresh the certificate thumbprint and restore connectivity.

Steps to Restore the Compute Manager Connection

  1. Log in to the NSX Manager UI.

  2. Navigate to:

    System > Fabric > Compute Managers

  3. Select the affected Compute Manager.
  4. Click Edit.
  5. Click Save without making any configuration changes.

This action forces NSX Manager to refresh the Compute Manager certificate and synchronize the updated thumbprint.

 

Additional Information

Refer: https://knowledge.broadcom.com/external/article/323341 

Powered by Wolken Software