Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
 
Search the VMware Knowledge Base (KB)   View by Article ID
 

Troubleshooting SSL certificate updates and Single Sign On (2033240)

Details

 While updating an SSL certificate, you might encounter the following problems.
  • Updating the vCenter Server system SSL certificate through the Managed Object Browser URL triggers a get Method Invocation Result: Error.
  • You are unable to log in to vCenter Server.
  • vCenter Server fails to start.
  • vCenter Server starts but log in to vCenter Server fails.

Solution

If the SSL certificate update results in an error, determine the likely cause from the following possibilities and take the appropriate corrective action.

  • Verify that you are not attempting to update with the same SSL certificate that resides on another vCenter Server system pointing to the same Single Sign On server. SSL certificates must be unique. Generate a new certificate with a unique distinguished name (DN) and repeat the update process.
  • Verify that the X.509 SSL certificate is valid and not corrupted or expired. Provide a valid SSL certificate if needed.  If vCenter Server cannot read the certificate, it might be corrupt.
  • Verify that the SSL certificate key/certificate pair match. If they do not match, provide a valid key/certificate pair.
If you are unable to log in to vCenter Server after the SSL certificate update, restart vCenter Server.

If vCenter Server fails to start, check the vCenter Server logs for the error SSL Exception: Verification parameters (certificate signature failure).
If vCenter Server and vCenter Single Sign On servers are up and running but you are unable to log into vCenter Server, check the logs for the error SSL Exception: Verification parameters (certificate signature failure).

Both of these errors indicate that  the SSL certificate of Single Sign On has been changed and the new certificate was not added to the vCenter trust store.

Keywords

troubleshooting, SSL certificate update, updating SSL certificates, Single Sign On

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 9 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)
  • 9 Ratings
Actions
KB: