VMware Cloud Community
STMR
Contributor
Contributor
‎10-20-2020 07:18 AM

VCF 4.1 deployment : Bring up is failing with error "Failed to import ESXi certificate in trust store"

Hi There,

Getting the below error during bring up process using cloud builder.  Any pointers to fix the below issue is much appreciated.

2020-10-20T13:58:58.956+0000 [bringup,426d4f6474f7d65f,9528] ERROR [c.v.e.s.o.model.error.ErrorFactory,pool-3-thread-17] [KL9DSV] IMPORT_ESX_CERTIFICATE_FAILED Failed to import ESXi certificate in trust store

com.vmware.evo.sddc.orchestrator.exceptions.OrchTaskException: Failed to import ESXi certificate in trust store

        at com.vmware.evo.sddc.input.generation.ValidateEsxThumbprintsAction.execute(ValidateEsxThumbprintsAction.java:135)

        at com.vmware.evo.sddc.input.generation.ValidateEsxThumbprintsAction.execute(ValidateEsxThumbprintsAction.java:44)

        at com.vmware.evo.sddc.orchestrator.platform.action.FsmActionState.lambda$static$0(FsmActionState.java:14)

        at com.vmware.evo.sddc.orchestrator.platform.action.FsmActionState.invoke(FsmActionState.java:62)

        at com.vmware.evo.sddc.orchestrator.platform.action.FsmActionPlugin.invoke(FsmActionPlugin.java:168)

        at com.vmware.evo.sddc.orchestrator.platform.action.FsmActionPlugin.invoke(FsmActionPlugin.java:153)

        at com.vmware.evo.sddc.orchestrator.core.ProcessingTaskSubscriber.invokeMethod(ProcessingTaskSubscriber.java:399)

        at com.vmware.evo.sddc.orchestrator.core.ProcessingTaskSubscriber.processTask(ProcessingTaskSubscriber.java:519)

        at com.vmware.evo.sddc.orchestrator.core.ProcessingTaskSubscriber.accept(ProcessingTaskSubscriber.java:123)

        at sun.reflect.GeneratedMethodAccessor1541.invoke(Unknown Source)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

        at java.lang.reflect.Method.invoke(Method.java:498)

        at com.google.common.eventbus.Subscriber.invokeSubscriberMethod(Subscriber.java:87)

        at com.google.common.eventbus.Subscriber$1.run(Subscriber.java:72)

        at org.springframework.cloud.sleuth.instrument.async.TraceRunnable.run(TraceRunnable.java:67)

        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

        at java.lang.Thread.run(Thread.java:748)

Caused by: java.lang.UnsupportedOperationException: The class com.vmware.evo.sddc.input.generation.BringupInputProgressMessages must define the key VALIDATE_ESX_THUMBPRINT in the bundle com.vmware.evo.sddc.input.generation.progress-messages

        at com.vmware.evo.sddc.common.core.i18n.LocalizableMessage.getDefaultMessage(LocalizableMessage.java:55)

        at com.vmware.evo.sddc.common.core.i18n.LocalizableMessage.withArgs(LocalizableMessage.java:64)

        at com.vmware.evo.sddc.input.generation.ValidateEsxThumbprintsAction.execute(ValidateEsxThumbprintsAction.java:107)

        ... 17 common frames omitted

2020-10-20T13:58:58.959+0000 [bringup,426d4f6474f7d65f,9528] DEBUG [c.v.e.s.o.c.ProcessingTaskSubscriber,pool-3-thread-17] Collected the following errors for task with name ValidateEsxThumbprintsAction and ID 7f000001-7525-12a6-8175-2b41ae8b01ab: [ExecutionError [errorCode=null, errorResponse=LocalizableErrorResponse(messageBundle=com.vmware.evo.sddc.input.generation.error.messages)]]

pastedImage_1.png

0 Kudos
3 Replies
scott28tt
VMware Employee
VMware Employee
‎10-21-2020 02:24 PM

Moderator: Thread moved to the Cloud Foundation area.


-------------------------------------------------------------------------------------------------------------------------------------------------------------

Although I am a VMware employee I contribute to VMware Communities voluntarily (ie. not in any official capacity)
VMware Training & Certification blog
0 Kudos
Todor_Todorov
Hot Shot
Hot Shot
‎10-21-2020 02:42 PM

It seems that the validation of ESXi thumbprints is broken in this release. Can you try running bringup with selecting the option to skip ESXi thumbprint validation?

0 Kudos
RickVerstegen
Expert
Expert
‎12-10-2020 01:55 AM

Did you define the correct ESXi thumbprints in the parameter sheet?
You can find this information manually by looking at the DCUI screen of the ESXi hosts.

Was I helpful? Give a kudo for appreciation!
Blog: https://rickverstegen84.wordpress.com/
Twitter: https://twitter.com/verstegenrick
0 Kudos