VMware Cloud Community
zmclean
Enthusiast
Enthusiast
‎06-15-2015 08:48 AM

VSAN Health 503 error after certificate replacement VCSA

Running vCenter appliacne 6 and after turning my PCS into a CA for domain and restarting the vCenter to get new certificate the VSAN Health Plug-in no longer works.

I have uninstalled the the plugin, reinstalled, replacepkgs etc.    nothing seems to help.  The VSAN health log has this.   

2015-06-15T15:05:45.159Z DEBUG vsan-health[MainThread] [VsanHealthServer::Daemonize] Write pidfile

2015-06-15T15:05:45.160Z INFO vsan-health[MainThread] [VsanHealthServer::GetPidFile] The pid file is /var/run/vmware-vsan-health/vmware-vsan-health.pid

2015-06-15T15:05:45.160Z DEBUG vsan-health[MainThread] [VsanHealthServer::Daemonize] Done with daemon stuff

2015-06-15T15:05:45.541Z WARNING vsan-health[MainThread] [VsanPyVmomiProfiler::InvokeAccessor] Invoke: mo=ServiceInstance, info=content

2015-06-15T15:05:45.544Z WARNING vsan-health[MainThread] [VsanVcExtension::_TryConnect] Failed to log into VC, retrying in 10 seconds

2015-06-15T15:05:55.552Z WARNING vsan-health[MainThread] [VsanPyVmomiProfiler::InvokeAccessor] Invoke: mo=ServiceInstance, info=content

2015-06-15T15:05:55.554Z WARNING vsan-health[MainThread] [VsanVcExtension::_TryConnect] Failed to log into VC, retrying in 10 seconds

2015-06-15T15:06:05.564Z WARNING vsan-health[MainThread] [VsanPyVmomiProfiler::InvokeAccessor] Invoke: mo=ServiceInstance, info=content

2015-06-15T15:06:05.566Z WARNING vsan-health[MainThread] [VsanVcExtension::_TryConnect] Failed to log into VC, retrying in 10 seconds

Capture.PNG

Z-Bone
0 Kudos
3 Replies
vuzzini
Enthusiast
Enthusiast
‎06-15-2015 05:05 PM

Hi zmclean,

Have you updated the solution user certificates in PSC as well when you replaced machine SSL with customer CA cert. ?

If you found this or any other answer useful please consider the use of the Helpful or Correct buttons to award points. Sandeep Vuzzini Sr. DevOps Engineer
0 Kudos
zmclean
Enthusiast
Enthusiast
‎06-17-2015 07:58 AM

I have but it did not correct my issue. 

I may open a ticket to see if they can identify the cause of the 503 error

Z-Bone
0 Kudos
elerium
Hot Shot
Hot Shot
‎06-17-2015 12:01 PM

Give this a try, I needed to do this after cert replacement to internal CA to fix VSAN health plugin:

VMware KB: After replacing the vCenter Server certificates in VMware vSphere 6.0, the ESX Agent Mana...

0 Kudos