This is a known issue affecting VMware Cloud Foundation 2.x.
Currently, there is no resolution.
To work around this issue:
- Log in to the SDDC Manager virtual machine as the root user using SSH or the console.
The SDDC Manager virtual machine can be identified by its name, which starts with "vrm-".
- Stop all SDDC Manager services by running these commands:
service vrm-watchdogserver stop
service vrm-tcserver stop
service lcm-watchdogserver stop
service lcm-init stop
- Take a backup of the cacerts file by running this command:
cp /usr/java/jre-vmware/lib/security/cacerts /usr/java/jre-vmware/lib/security/cacerts.$(date +%m%d%y).bak
- Download the VMware Depot certificate file by running this command:
Note: If the SDDC Manager virtual machine does not have internet access, run this command on a Linux system that has internet access and openssl installed, then transfer the resulting vmwaredepot.crt file to the /tmp directory on the SDDC Manager virtual machine.
echo -n | openssl s_client -connect depot.vmware.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/vmwaredepot.crt
- Add the new certificate to the certificate trust store by running this command:
/usr/java/jre-vmware/bin/keytool -import -trustcacerts -alias vmwaredepot -file /tmp/vmwaredepot.crt -keystore /usr/java/jre-vmware/lib/security/cacerts -storepass $(grep trustStorePassword /home/vrack/vrm/bin/setenv.sh | sed -e 's/ /\n/g' | grep trustStorePassword | cut -d'=' -f 2) -noprompt
- Start all SDDC Manager services by running these commands:
service vrm-watchdogserver start
service lcm-watchdogserver start
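
The download step saves whatever certificate the remote end presents, and the import step trusts it with -noprompt, so it is worth checking /tmp/vmwaredepot.crt between those two steps. The following is an added example, not part of the original article: the function names are hypothetical, and the expected SHA-256 fingerprint is an assumption that must be obtained out of band (for example from a second, trusted network path).

```shell
#!/bin/sh
# Added example: vet the downloaded certificate before the keytool import.
# Usage (fingerprint value is a placeholder you supply yourself):
#   verify_depot_cert /tmp/vmwaredepot.crt "$EXPECTED_FP" && echo "safe to import"

# Print the SHA-256 fingerprint of a PEM certificate as bare uppercase hex.
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 2>/dev/null |
        sed -e 's/^.*=//' -e 's/://g'
}

# Return 0 only if the file holds exactly one parseable certificate that is
# valid for at least another 24 hours and matches the expected fingerprint.
# Return codes: 2 empty/missing, 3 wrong certificate count,
#               4 unparseable or expiring, 5 fingerprint mismatch.
verify_depot_cert() {
    crt=$1
    # Accept the fingerprint with or without colons, in either case.
    expected=$(printf '%s' "$2" | tr -d ':' | tr 'a-f' 'A-F')

    [ -s "$crt" ] || { echo "empty or missing: $crt" >&2; return 2; }

    # The sed range in the download step should capture a single PEM block.
    count=$(grep -c -e '-BEGIN CERTIFICATE-' "$crt" || true)
    [ "$count" -eq 1 ] ||
        { echo "expected 1 certificate, found $count" >&2; return 3; }

    # -checkend fails if the certificate expires within the given seconds.
    openssl x509 -in "$crt" -noout -checkend 86400 >/dev/null 2>&1 ||
        { echo "certificate unparseable or expires within 24h" >&2; return 4; }

    actual=$(cert_fingerprint "$crt")
    [ -n "$expected" ] && [ "$actual" = "$expected" ] ||
        { echo "fingerprint mismatch, got: $actual" >&2; return 5; }

    # Show what is about to be trusted, for the change record.
    openssl x509 -in "$crt" -noout -subject -issuer -enddate
}
```

A non-zero return means the import step should not be run until the certificate has been fetched again and checked.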