I have a strange problem that I have been working on all day and just don't know what else to do.
I migrated my internal CA to 2016 server which required me to update my certs for vSphere. I went though the steps and thought all was good until I tried to SSH into the VMCA. I kept getting Access Denied errors when logging in with the root account. It eventually locked the account and found steps to unlock it and I even tried resetting the password.
Now here is what is strange. All of my hosts and vCenter show the correct certificate in my browser. Even the PSC URL is good (https://vmca.domain.com/psc). I am able to login all fine and dandy. However, if I go to https://vmca.domain.com:5480 it shows the certificate from my old 2012 CA which is no longer online and I cannot login. But if I go to https://vmca:5480 I can login but the certificate is still wrong.
I also cannot access the VMCA with WinSCP, keeps giving me authentication errors. I cannot SSH into it with my root account, just keeps saying Access Denied. I can SSH with my firstname.lastname@example.org account but I can't do a whole lot.
So what I want to do is reset everything back to self-signed certs and go through the process again but cannot get anywhere. Hoping someone has some ideas for me to try. Any help would be appreciated.
I resolved my Access Denied error when trying to SSH into vCenter by following this article:
In my case I had set it to /bin/bash/ instead of /bin/bash
But I still have the certificate issue when attempting to get to https://vcsa.domain.com:5480. It gives me an invalid certificate error and I cannot login. But if I go to https://vcsa:5480 I can login and see that my certificate is still from my old CA. Would like to fix this as it is bugging me. Any ideas are welcome.