VMware Cloud Community
Voipuser
Contributor
Contributor
‎02-27-2017 11:27 PM

Cannot add ESXi host 6.0 to vCenter 6.0. Showing A general system error occurred: Unable to push signed certificate to the host

I am having really hard time trying to figure out the issue where my ESXi 6.0 host cannot be added to vCenter 6.0. Not sure what the problem is. Seeing the below error.

A general system error occurred: Unable to push signed certificate to the host.

Regenerated the certificate.Tried adding using the hostname, IP and tried lot of other options but no luck.

Could someone please shed some light here on what could be the potential issue?

0 Kudos
7 Replies
Mattallford
Hot Shot
Hot Shot
‎02-27-2017 11:44 PM

‌Is NTP configured correctly in your environment?

Aany further clues in vpxa.log / hostd.log on the host or vpxd.log on the VC server when you try to connect?

VCP6-DCV | VCAP6-DCV Deploy @mattallford If you found my answers useful, please help me by marking them as Helpful or Correct!
0 Kudos
Voipuser
Contributor
Contributor
‎02-27-2017 11:52 PM

Thanks for your response. I dont see any issue with the NTP.

Here are the errors from the VXPD.log. I am using self-signed certificates. My other ESXi hosts dont have any issues. Only this particular one is having problem.

2017-02-28T08:08:40.590Z error vpxd[7F2359BD4700] [Originator@6876 sub=hostInvtOps opID=A6482D2C-00000063-74] [HostInvtOps::AddStandaloneHost] Caught an exception while attempting to add standalone host: vmodl.fault.SystemError

2017-02-28T08:08:40.593Z error vpxd[7F235974B700] [Originator@6876 sub=HttpConnectionPool-000001] [ConnectComplete] Connect failed to <cs p:00007f235e2fc1c0, TCP:10.1.200.7:443>; cnx: (null), error: N7Vmacore3Ssl18SSLVerifyExceptionE(SSL Exception: Verification parameters:

--> PeerThumbprint: 2B:44:55:88:06:EE:A8:73:87:36:55:16:1B:AF:59:80:56:DA:96:23

--> ExpectedThumbprint:

--> ExpectedPeerName: 10.1.200.7

--> The remote host certificate has these problems:

-->

--> * Host name does not match the subject name(s) in certificate.

-->

--> * unable to get local issuer certificate)

2017-02-28T08:08:40.593Z error vpxd[7F2359BD4700] [Originator@6876 sub=InvtHost opID=A6482D2C-00000063-74] [VpxdInvtHost::HandlePreRemovalCleanup] Failed to reconnect to cleanup before host removal : N3Vim5Fault14SSLVerifyFault9ExceptionE(vim.fault.SSLVerifyFault)

2017-02-28T08:08:41.034Z info vpxd[7F2359BD4700] [Originator@6876 sub=Default opID=A6482D2C-00000063-74] [VpxLRO] -- ERROR task-1525 -- group-h4 -- vim.Folder.addStandaloneHost: vmodl.fault.SystemError:

--> Result:

--> (vmodl.fault.SystemError) {

-->    faultCause = (vmodl.MethodFault) null,

-->    reason = "Unable to push signed certificate to host 10.1.200.7",

-->    msg = ""

--> }

--> Args:

-->

--> Arg spec:

--> (vim.host.ConnectSpec) {

-->    hostName = "10.1.200.7",

-->    port = <unset>,

0 Kudos
RAJ_RAJ
Expert
Expert
‎02-28-2017 12:08 AM

Hi ,

Kindly follow the procedure mentioned on the KB and check . Also make sure time is configured properly use NTP .

"Signed certificate could not be retrieved due to a start time error" when adding ESXi host to vCent...

Adding a host to vCenter Server fails with general system error or vim.fault.NoPermission (3824568) ...

Still facing issue remove the licence key and add the server with new trial version and check ,

RAJESH RADHAKRISHNAN VCA -DCV/WM/Cloud,VCP 5 - DCV/DT/CLOUD, ,VCP6-DCV, EMCISA,EMCSA,MCTS,MCPS,BCFA https://ae.linkedin.com/in/rajesh-radhakrishnan-76269335 Mark my post as "helpful" or "correct" if I've helped resolve or answered your query!
0 Kudos
Mattallford
Hot Shot
Hot Shot
‎02-28-2017 12:12 AM

‌Try regenerating the self signed cert on the ESXi host and then after the reboot try adding the host back in to VC.

vSphere 5.5 Documentation Center

Edit: Sorry, I just saw in the OP that you tried regenerating already. I assume this was the self signed cert? Did the process work OK and did the cert thumbprint change?

Cheers, Matt.

VCP6-DCV | VCAP6-DCV Deploy @mattallford If you found my answers useful, please help me by marking them as Helpful or Correct!
0 Kudos
Voipuser
Contributor
Contributor
‎02-28-2017 12:20 AM

I tried changing the certs multiple times with reboot but no luck. Time and time I am seeing the same error Smiley Sad

Only happening to this one host.

0 Kudos
JohnDSW
Contributor
Contributor
‎06-08-2017 02:40 PM

Did you ever find a resolution?

0 Kudos
rkabelich
Enthusiast
Enthusiast
‎07-02-2019 03:08 AM

Same problem. Reboot and assingning a free valid License solved the issue. Maybe this is helpful to someone else.

0 Kudos