VMware Cloud Community

Problems after replacing VC Machine SSL cert

The machine cert on 1 of our VCs was getting ready to expire, so I replaced the custom cert with a default one. I assumed that would be the easiest way to resolve it. 

Apparently, I broke Site Recovery Manager, now the VCs don't recognize each other claiming the SSL thumbprint doesn't match what they think they should be.

1 error during this process was: "unable to connect to lookup service": https://kb.vmware.com/s/article/83675

and "certificate mismatches": https://kb.vmware.com/s/article/78920

I downloaded LSDOCTOR (https://kb.vmware.com/s/article/80469), and ran through STATEFIX and TRUSTFIX, which completed successfully.

SRM error is now unable to retrieve summary data:srm summary data error.JPG


I attempted to modify the SRM installs on their respective servers, and still can't get the pair to reconnect.


thumbprint doesnt match.JPG


I have tried everything I can find, and not able to get this working so wanted to reach out to those more knowledgeable than me!

0 Kudos
2 Replies

try using http://flings.vmware.com/vsphere-diagnostic-tool to verify the vCenter server and the certificates, once you have confirmed that they are valid, from the SRM VAMI re-pair the appliance to the vCenter, running that workflow should solve the problem.

0 Kudos
Hot Shot
Hot Shot


Please check the kb https://kb.vmware.com/s/article/85970?lang=en_US .

You might to have inject the thumbprint of the MACHINE_SSL_CERT in the SRM DB.




0 Kudos