I'm getting an error when trying to scan my hosts for update compliance. the error states:
"Cannot deploy host upgrade agent. Ensure that vSphere Lifecycle Manager is officially signed. Check the network connectivity and logs of host agent and vpxa for details."
My Center server does have a valid signed SSL certificate so I'm not sure what else needs to be "officially signed". Can anyone points me in the right direction for this? Thanks for your time!
my environment is:
vCenter 7 Server 1:
-ESXi 6.5 host x 3
esxcli storage vmfs extent list
esxcli software sources profile list -d /vmfs/volumes/5a9e8725-db43c4e1-7a73-801844e970c6/VMware-ESXi-7.0U1c-17325551-depot.zip
esxcli software profile update -d /vmfs/volumes/5a9e8725-db43c4e1-7a73-801844e970c6/VMware-ESXi-7.0U1c-17325551-depot.zip -p ESXi-7.0U1c-17325551-standard --no-sig-check
Run this command from a putty session:
esxcli system settings kernel list -o execinstalledonly
if the runtime is set to TRUE then you have to turn off the execinstalledOnly kernel setting:
esxcli system settings kernel set -s execinstalledonly -v FALSE
Reboot
Then see if the lifecycle manager can patch the hosts.
Had the same issue:
"Cannot deploy host upgrade agent. Ensure that vSphere Lifecycle Manager is officially signed. Check the network connectivity and logs of host agent and vpxa for details."
I set the kernel execinstalledonly option to FALSE and it worked. How did you determine the cause and resolution?
Thank you.
This gave me a PSOD until I turned it back on via boot options.
Any other ideas?
I'm having the same issue. My execinstalledonly is set to false already and still get the error message. I have a ticket open with VMware but they have not replied to me yet.
Are you running any unsigned VIBs?
What does the PSOD say?
Did they find out what the issue was for you?
Did you get any useful reply from VMware support about this ?
No update yet. Support has been slow to respond.
@Abhijith_UAE wrote: West Penn Power Bill PayI'm getting an error when trying to scan my hosts for update compliance. the error states:
"Cannot deploy host upgrade agent. Ensure that vSphere Lifecycle Manager is officially signed. Check the network connectivity and logs of host agent and vpxa for details."
My Center server does have a valid signed SSL certificate so I'm not sure what else needs to be "officially signed". Can anyone points me in the right direction for this? Thanks for your time!
my environment is:
vCenter 7 Server 1:
-ESXi 6.5 host x 3Here is what I did as a workaround.Upgraded the individual Esxi using CLIUpload the vmware esxi zip file to datastoreset the host in maintenance modeenable SSHputty to itfind the volume id usingesxcli storage vmfs extent listBrowse the list of updates on the zip by providing the pathesxcli software sources profile list -d /vmfs/volumes/5a9e8725-db43c4e1-7a73-801844e970c6/VMware-ESXi-7.0U1c-17325551-depot.zipinstall the update with the path, without signature checkesxcli software profile update -d /vmfs/volumes/5a9e8725-db43c4e1-7a73-801844e970c6/VMware-ESXi-7.0U1c-17325551-depot.zip -p ESXi-7.0U1c-17325551-standard --no-sig-checkreboot the host if is successful.It worked for me, and was able to apply newer patches once the esxi is up. please try it at your own risk.
I set the kernel execinstalledonly option to FALSE and it worked. How did you determine the cause and resolution?
Support suggest the same workaround as the previous post. I should install the updates/patches via the CLI command. I will be trying that this weekend.
To be honest I'm frustrated with the response. It sounded like this was a issues for others and no real idea of the true cause.