VMware Cloud Community
LordofVxRail
Enthusiast
Enthusiast
Jump to solution

upgrade to 10.2.2 breaks catalog sync

Hello all, has anyone else encountered this?

once upgrade to 10.2.2 is complete, I am greeted with:

Administrators, if you have any subscribed catalogs, verify that the catalog synchronization is working properly. If the synchronization fails, verify and save your subscription settings again. All other users can ignore or dismiss this message.
LordofVxRail_0-1622197271864.png

 

here we see catalog sync is indeed broken:

LordofVxRail_1-1622197312485.png

 

 
Error: Subscription details for external catalog could not be validated. Reason [Err Code: CERTIFICATE_ERROR]: Remote catalog certificate error: Certificate for <x.x.x.x> doesn't match any of the subject alternative names
 
LordofVxRail_0-1622197688274.png

 


 


 

It's certainty certificate related, however, all is working across my sites prior to upgrade.

Reply
0 Kudos
1 Solution

Accepted Solutions
LordofVxRail
Enthusiast
Enthusiast
Jump to solution

I managed to fix this for anyone who is interested.

 

my NSX V Manager, checking SSL Certificates, I noticed that the Common Name (CN) was not a full fqdn, I just had a hostname in there.

added full fqdn, re-generated certs, then re-connected my VC in Cloud / vCenter Server Instances

 

..issue is fixed. I am now fully upgraded to latest verison.

View solution in original post

Reply
0 Kudos
6 Replies
LucianoPatrão
Jump to solution

Hi,

Have you imported and trusted certificates after the upgrade?

/opt/vmware/vcloud-director/bin/cell-management-tool trust-infra-certs --vsphere --unattended

Try to see if it fix your issues.

Luciano Patrão

VCP-DCV, VCAP-DCV Design 2023, VCP-Cloud 2023
vExpert vSAN, NSX, Cloud Provider, Veeam Vanguard
Solutions Architect - Tech Lead for VMware / Virtual Backups

________________________________
If helpful Please award points
Thank You
Blog: https://www.provirtualzone.com | Twitter: @Luciano_PT
Reply
0 Kudos
LordofVxRail
Enthusiast
Enthusiast
Jump to solution

hey, thanks for the suggestion, yes I did try this, certs imported as expected from cli, but UI issue remained.

I'm going to try this again next week and will collect more data

Reply
0 Kudos
StevenSWI
Contributor
Contributor
Jump to solution

Hey,

 

Do you have an update here?

We have the same issue at the moment. We are Subscribed to the bitnami catalog?

Reply
0 Kudos
LordofVxRail
Enthusiast
Enthusiast
Jump to solution

Hi,

 

sorry no, I have not had time to troubleshoot this further, I rolled back to 10.1

I suspect an underlying issue with my certs  / config.

 

 

Reply
0 Kudos
LordofVxRail
Enthusiast
Enthusiast
Jump to solution

I managed to fix this for anyone who is interested.

 

my NSX V Manager, checking SSL Certificates, I noticed that the Common Name (CN) was not a full fqdn, I just had a hostname in there.

added full fqdn, re-generated certs, then re-connected my VC in Cloud / vCenter Server Instances

 

..issue is fixed. I am now fully upgraded to latest verison.

Reply
0 Kudos
No_Way
Enthusiast
Enthusiast
Jump to solution

Good that you find it.

Honestly, I did that some issue some time ago, I cant remember the error, but it was a problem in the cert Common Name.