• During an upgrade from VCF 9.0 to VCF 9.1, the deployment of the VMSP fails with below message:
  
  Unable to reach VCF Operations node XXXX. This could indicate a network connectivity issue or a certificate that does not include this address in its SAN field


• This occurs in environments where additional VCF Operations nodes were added via manual expansion rather than the initial VCF Installer process. Consequently, the Subject Alternative Name (SAN) fields in the existing certificates are missing or incomplete.
• Due to strict security policies, local .key files can not be generated, rendering standard procedures like Configure a Certificate For Use With VCF Operations inapplicable.

VCF Operations 9.1

VCF Operations cluster nodes were expanded manually without following the standard VCF automated workflow. This resulted in certificates lacking the required SAN information necessary for VMSP validation during the 9.1 upgrade.

1. Make sure you have valid backup/snapshot all VCF management components.
2. Log in to each VCF Operations node via SSH as root.
3. Run the following commands to reset the environment path and reactivate the default web certificate:

unset -f pathappend pathprepend pathremove
$VMWARE_PYTHON_BIN /usr/lib/vmware-casa/bin/activate_web_certificate.py DEFAULT
$VMWARE_PYTHON_BIN /usr/lib/vmware-vcopssuite/utilities/bin/restartHttpd.py

      4. Retry deployment of VMSP.