The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
Troubleshooting SSL certificate updates and Single Sign On (2033240)
- Updating the vCenter Server system SSL certificate through the Managed Object Browser URL triggers a get Method Invocation Result: Error.
- You are unable to log in to vCenter Server.
- vCenter Server fails to start.
- vCenter Server starts but log in to vCenter Server fails.
If the SSL certificate update results in an error, determine the likely cause from the following possibilities and take the appropriate corrective action.
- Verify that you are not attempting to update with the same SSL certificate that resides on another vCenter Server system pointing to the same Single Sign On server. SSL certificates must be unique. Generate a new certificate with a unique distinguished name (DN) and repeat the update process.
- Verify that the X.509 SSL certificate is valid and not corrupted or expired. Provide a valid SSL certificate if needed. If vCenter Server cannot read the certificate, it might be corrupt.
- Verify that the SSL certificate key/certificate pair match. If they do not match, provide a valid key/certificate pair.
If vCenter Server fails to start, check the vCenter Server logs for the error SSL Exception: Verification parameters (certificate signature failure).
If vCenter Server and vCenter Single Sign On servers are up and running but you are unable to log into vCenter Server, check the logs for the error SSL Exception: Verification parameters (certificate signature failure).
Both of these errors indicate that the SSL certificate of Single Sign On has been changed and the new certificate was not added to the vCenter trust store.
Request a Product Feature
To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.