这边如果是选择6 出现报错:ERROR: The MACHINE SSL CERT certificate is expired 如果出现上图所示的报错,就要根据报错提示选择8选项进行所有证书替换了。
| 1. Replace Machine SSL certificate with Custom Certificate | | | | 2. Replace VMCA Root certificate with Custom Signing | | Certificate and replace all Certificates | | | | 3. Replace Machine SSL certificate with VMCA Certificate | | | | 4. Regenerate a new VMCA Root Certificate and |...
if exp_date <= now: self.results['expired'][cert_type].append(certdetail) else: self.results['valid'][cert_type].append(certdetail) def execute(self): json = self.get_certs(force_refresh=False) for item in json: for certificate in item['certificates']: self.check_cert(certificate['e...
To remove the Certificate request that is expired, use this command on the vCenter Appliance, before running the command, reset the alarm to green /usr/lib/vmware-vmafd/bin/vecs-cli entry delete --store MACHINE_SSL_CERT --alias __MACHINE_CSR If you want to check if this fixed the prob...
12. Run/usr/lib/vmware-vmca/bin/certificate-manager 13. Choose option1:Replace Machine SSL certificate with Custom Certificate. Enter SSO and VC administrator credentials (default:administartor@vsphere.local). And now, choose option2to import custom certificates. ...
The lookup service registrations may have an SSL trust value that doesn’t match the MACHINE_SSL_CERT on port 443 of the node. This can be caused by a failure during certificate replacement, among other failures. Once the above task is complete, restart all the servi...
The expired issuing ca cert is still in the certificate store, so I cannot replace the __MACHINE SSL cert with one from our CA before it is cleared out. But this is a minor nuisance compared the the problems I had. Regards, Helge...
C:\Program Files\VMware\vCenter Server\vmcad\certificate-manager Note:It is important to be logged in as an administrator or to "Run as Administrator" if user access control is enabled. SelectOption 1(Replace Machine SSL certificate with custom certificate). ...
Replacing the vSphere 6.x Machine SSL certificate with a VMware Certificate Authority issued certificate Delete an expired CSR from MACHINE_SSL_CERT VECS Store /usr/lib/vmware-vmafd/bin/vecs-cli entry delete --store MACHINE_SSL_CERT --alias __MACHINE_CSR -y ...
After running the above script, if the services fails, kindly check the machine SSL certificate as well for expiry. If expired, you need to replace the Machine SSL as well. VMware Knowledge Base Regards, Nirmal Nair lamttf2 Posted Jun 30, 2021 12:56 AM ...