VMware Cloud Community
nicktalbot77
Contributor
Contributor

Solution User for vSphere Replication Cert Expiration?

I currently have a solution user associated with vsphere replication about to expire and I wanted to inquire about the best way to resolve this.  I read that you can reset all solution users with a vmca cert using the utility ("C:\Program Files\VMware\vCenter Server\vmcad\certificate-manager") on vcenter, but I am unsure if that's what I need to do.  This is a distributed environment, vsphere 6 with platform service controllers, 2 vcenters, and SRM enabled.

3 Replies
ntalbot777
Contributor
Contributor

I tracked the solution user cert to the replication appliance.  the replication appliance has an option to generate and install a self signed cert.  I am thinking this is the solution I am looking for.

Reply
0 Kudos
balazs_lovas
Enthusiast
Enthusiast

Hi,

Had the same issue this week. I can confirm, that regenerating the self signed certification on the VR appliance AND clicking the Save and Restart button added a new solution user to vCenter with an updated certificate.

slivovics
Contributor
Contributor

Falling back on the CLI is not always your first option. thats why I in particular liked the proposed solution above.

*

I wanted to unregister the VRA 6.1.2 in my environment as we decided to use IBM Spectrum SRA and had no use for

the replication Appliance anymore.

I could not unregister the replication appliance at all, the error keeped me popping that I had a wrong SSO administrator/password combination over & over.

*

I detected that the VR selfsigned certificate for the VR solution users Indeed had expired on both instances (one at each site)

*

I regenerated the selfsigned certificate, and Indeed needed to stop/restart the VRA.

*

I at such stage had 2 VR solution users with renewed self signed certificates

*

I was then able to unregister the VRA and get rid of it.

*

I preferred to do this at this stage in prior to the migration to vSphere 6.7

Reply
0 Kudos