Search the VMware Knowledge Base (KB)
View by Article ID

Catalog Management Actions are missing in VMware vRealize Automation (2113027)

  • 3 Ratings

Symptoms

  • When you click Administration > Catalog Management > Actions list, you see that some or all actions are missing in the Actions list.
  • In the C:\Program Files (x86)\VMware\vCAC\Web API\Logs\Elmah\elmah.axd file. you see entries similar to:

    System.Security.Cryptography.CryptographicException: SignatureDescription could not be created for the signature algorithm supplied.
    at System.Security.Cryptography.Xml.SignedXml.CheckSignedInfo(AsymmetricAlgorithm key)
    at System.Security.Cryptography.Xml.SignedXml.CheckSignature(AsymmetricAlgorithm key)
    at System.Security.Cryptography.Xml.SignedXml.CheckSignature(X509Certificate2 certificate, Boolean verifySignatureOnly)
    at VMware.SSOAuthentication.VMwareSSOAuthenticationModule.ValidateSAMLTokenSignature(String samlToken, SsoX509CertificateValidator ssoCertValidator)

Cause

This issue is caused by the virtual appliance sending a signature using an algorithm that is not supported by the .NET code.

Resolution

This is a known issue affecting VMware vRealize Automation Desktop 6.2.x.

Currently, there is no resolution.

To work around this issue, re-register the action items.

To re-register the action items using these steps:
  1. Run this command from your Model Manager Data server:

    "C:\Program Files (x86)\VMware\vCAC\Server\Model Manager Data\Cafe\Vcac-Config.exe" RegisterCatalogTypes -v

  2. Restart IIS on your IaaS Server(s):

    • If the command succeeds, you can see the Catalog Management Actions restored.
    • Even if the command succeeds, you may not see the actions, then disable signature validation.
    • If the command fails with this error, disable signature validation:

      System.Security.Cryptography.CryptographicException
      : SignatureDescription could not be created for the signature algorithm supplied,

Disable signature validation using these steps:

Note: Disabling signature validation can expose the IaaS server to security vulnerabilities.

  1. On the IaaS server(s), back up the this file, the path provided is the default location:

      C:\Program Files (x86)\VMware\vCAC\Web API\Web.config

    • Modify this line in the <appSettings> section:

        <add key="DisableSAMLTokenSignatureCheck" value="true"/>

      • Run this command from your Model Manager Data server:

        "C:\Program Files (x86)\VMware\vCAC\Server\Model Manager Data\Cafe\Vcac-Config.exe" RegisterCatalogTypes -v

      • Restart IIS on your IaaS Server(s)

      To revert the signature validation:
      1. Remove the lines from each of the files above or restore the items from the created backup.
      2. Restart the IaaS server(s)

      Request a Product Feature

      To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

      Feedback

      • 3 Ratings

      Did this article help you?
      This article resolved my issue.
      This article did not resolve my issue.
      This article helped but additional information was required to resolve my issue.

      What can we do to improve this information? (4000 or fewer characters)




      Please enter the Captcha code before clicking Submit.
      • 3 Ratings
      Actions
      KB: