"The system name in the vCenter Server 5.5 SSL certificate and the vCenter Single Sign-On 5.5 SSL certificates are not compatible" error when upgrading from vSphere 5.x to 6.0
search cancel

"The system name in the vCenter Server 5.5 SSL certificate and the vCenter Single Sign-On 5.5 SSL certificates are not compatible" error when upgrading from vSphere 5.x to 6.0

book

Article ID: 345435

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

Regenerate SSL certificates on the vCenter Server 5.x to resolve SSL certificate issue during vCenter Server 5.x to 6.0 upgrade.

Symptoms:
  • SSL certificates are not compatible in vCenter Server after upgrading from vCenter Server 5.x to 6.x
  • You see the warning:
The system name in the vCenter Server 5.5 SSL certificate and the vCenter Single Sign-On 5.5 SSL certificates are not compatible. Please replace either the vCenter Server SSL certificates or the vCenter Single Sign-On SSL certificates so both vCenter Server and vCenter Single Sign-On SSL certificates use the same system name.
 
Note: For additional symptoms and log entries, see the Additional Information section.

Environment

VMware vCenter Server 6.0.x

Cause

This issue occurs when:
  • You Copy the SSL certificates during unsupported migration-based upgrade from previous versions of 5.x.
  • Installing vCenter Server 5.x with only the IP address of the host operating system and then upgrading to vCenter Server 6.0 using the fully qualified domain name (FQDN).

Resolution

This is a known issue affecting vCenter Server 6.0.

Currently, there is no resolution.


Workaround:
To work around this issue, regenerate the SSL certificates on the vCenter Server 5.x before upgrading to vCenter Server 6.0.
 
To regenerate the SSL certificates, use one of these options:
  1. Uninstall vCenter Server in this order:
    1. vCenter Single Sign-On
    2. vSphere Web Client [Note: You might get a warning please click on Yes and continue]
    3. vCenter Inventory Service
    4. vCenter Server
    5. Rename the following directories under C:\ProgramData\VMware to ensure new certificates are generated using the correct hostname.
      • CIS to CIS.old
      • Infrastructure to Infrastructure.old
      • SSL to SSL.old
      • VMware VirtualCenter to VMware VirtualCenter.old
      • vSphere Web Client to vSphere Web Client.old
         
  2. Re-install vCenter Single Sign-On, vSphere Web Client, vCenter Inventory Service, and VMware VirtualCenter Server service.
  3. Reconnect to the existing database.
  4. Reconnect all of the hosts to the vCenter Server.


Additional Information

You experience these additional symptoms:
 
When you review SSL certificates for vCenter Server (located at: C:\ProgramData\VMware\VMware VirtualCenter\SSL)or vCenter Single Sign-On (located at: C:\ProgramData\VMware\vCenterServer\runtime\VMwareSTSService\conf\ssoserver.crt), you see one of these issues:
  • The wrong Fully Qualified Domain Name (FQDN) of the current host Operating System (OS)
  • The correct IP address of the vCenter Server, but the install is using the FQDN.
vCenter Server installation fails with the error: Setup located a vCenter Server database but not the companion SSL certificates
“Failed to verify the SSL certificate" after upgrading to vCenter Server 5.5 U1 or later
Recovering from expired SSL Certificates in VMware vCenter Server 5.5
从 vSphere 5.x 升级到 6.0 失败
O upgrade do vSphere 5.x para a versão 6.0 relata que os certificados SSL não são compatíveis
La actualización de vSphere 5.x a 6.0 informa que los certificados SSL no son compatibles
vSphere 5.x から 6.0 へのアップグレードに失敗する

Powered by Wolken Software