Unable to regenerate certificate after a failed SSL certificate replacement in VMware vCenter Server Appliance 5.x

Article ID: 322228

Products

VMware vCenter Server

Issue/Introduction

Symptoms:
  • Unable to regenerate the certificate after a failed SSL certificate replacement in the vCenter Server Appliance
  • Unable to regenerate the default certificate by setting the Certificate regeneration enabled option to Yes
  • Manually replacing the certificate with the generate_all_certificates replace command in the vCSA fails


Environment

VMware vCenter Server Appliance 5.5.x
VMware vCenter Server Appliance 5.1.x

Cause

This issue occurs when the contents of the /var/vmware/vpxd/rui.subjectAltName file have been updated and match the current server DNS name or IP address.

Resolution

To resolve this issue:
  1. Open a console window to the vCenter Server Appliance.
  2. Change the directory to /var/vmware/vpxd/ with the command:

    cd /var/vmware/vpxd/

  3. Open the rui.subjectAltName file with a text editor. For more information, see Editing files on an ESX host using vi or nano (1020302).
  4. Change the two DNS entries (FQDN and shortname) to the previous hostname entries.
  5. Save the changes and exit the text editor.
  6. Restart vCenter Server.



Additional Information

Editing files on an ESX host using vi or nano