This issue is caused by a change in the certificate-manager in vCenter Server Update 1b. New options are present for processing the
certool.cfg file correctly, as well as processing config files for each individual solution user. If these config files do not have unique information for each solution user, the generated certificates have the same Subject.
For example, in the
C:\ProgramData\VMware\vCenterServer\logs\vmca\certificate-manager.log file, you see entries similar to:
2016-02-16T19:28:59.734Z INFO certificate-manager Selected operation: Replace Solution user certs with VMCA Certificate
2016-02-16T19:28:59.735Z INFO certificate-manager Please configure machine.cfg with proper values before proceeding to next step.
2016-02-16T19:28:59.735Z INFO certificate-manager Press Enter key to skip optional parameters or use Default value.
2016-02-16T19:29:23.529Z INFO certificate-manager machine.cfg file contents.
2016-02-16T19:29:23.530Z INFO certificate-manager Country = US
2016-02-16T19:29:23.530Z INFO certificate-manager Name = vSphere
2016-02-16T19:29:23.530Z INFO certificate-manager Organization = VMware
2016-02-16T19:29:23.530Z INFO certificate-manager OrgUnit = Support
2016-02-16T19:29:23.530Z INFO certificate-manager State = Colorado
2016-02-16T19:29:23.530Z INFO certificate-manager Locality = Denver
2016-02-16T19:29:23.530Z INFO certificate-manager #IPAddress =
2016-02-16T19:29:23.530Z INFO certificate-manager Email = [email protected]
2016-02-16T19:29:23.530Z INFO certificate-manager Hostname = vcsa.domain.comThe same information will be seen for these options in the other config files (
vsphere-webclient.cfg, vpxd.cfg, vpxd-extension.cfg) which causes the certificates not to be unique.