marcwa19197
Contributor
Contributor

vCenter 6.7: Uploading Files to Content Library after changing SSL-Certificates (SSL error)

Hello,

a few days ago i changed the __MACHINE_CERT of my vCenter Server to one trusted by my client. (Issued by my own CA). I also added my own CA-Certificate to the vCenter.
Everything works fine, no certificate error in browser.

But now i tried to upload an .iso File to a newly created Content-Library. This failes with the following error shown in the vCenter Log)

Im using vCenter 6.7.

The import of library item e058b94e-29bd-4808-8add-c2547dc3e0f5 has failed.
Reason: Error transferring file isofilename.iso to

ds:///vmfs/volumes/5c23df69-f7a0c5da-307b-b8ac6f8ad266//contentlib-e128a4fa-a745-4ec2-9649-d2e93f12b3b3/e058b94e-29bd-4808-8add-c2547dc3e0f5/isofilename.iso?serverId=ca6785de-8a3b-4a46-b10a-aef692176f36. Reason: Error while uploading to datastore (ds:///vmfs/volumes/5c23df69-f7a0c5da-307b-b8ac6f8ad266//contentlib-e128a4fa-a745-4ec2-9649-d2e93f12b3b3/e058b94e-29bd-4808-8add-c2547dc3e0f5/isofilename.iso?serverId=ca6785de-8a3b-4a46-b10a-aef69

2176f36): SSL error.

Before i changed the certificate to my own, the content-library was working fine. Is there any other Certificate i have to replace?

I also tried to reboot everything. (Its just a lab server, so no worries.)

Can someone maybe help me?a

Thanks and best regards!

0 Kudos
8 Replies
Vijay2027
Expert
Expert

Can you check if DNS entry of vcenter is present in SAN field of certificate?

Open certificate --> Details --> Subject Alternate Name

0 Kudos
marcwa19197
Contributor
Contributor

Hi,

yes it is present, with DNS Name and additionally i added the IP

0 Kudos
Vijay2027
Expert
Expert

Attach content-library logs and web-client logs to this thraed..I will take a look:

content-library logs: /var/log/vmware/content-library

web-client: /var/log/vmware/vsphere-client/logs

0 Kudos
marcwa19197
Contributor
Contributor

Thank you!
i attached the logfiles. (Also i tried it again, so you have the error message at the bottom of the cls.log file in content-library.)

0 Kudos
marcwa19197
Contributor
Contributor

did you find something?

0 Kudos
daphnissov
Immortal
Immortal

Is this a personal lab environment?

0 Kudos
Vijay2027
Expert
Expert

I see errors related to vapi service, would require complete log bundle for review.

com.vmware.vapi.std.errors.NotAllowedInCurrentState: NotAllowedInCurrentState (com.vmware.vapi.std.errors.not_allowed_in_current_state) => {

    messages = [LocalizableMessage (com.vmware.vapi.std.localizable_message) => {

Did you open a SR with VMware support?

0 Kudos
Vijay2027
Expert
Expert

were you able to get this resolved?

0 Kudos