Hi @frankcooz
Please follow one of this instructions:
1:
Set "Toggle certificate setting" to ON from web UI or by creating file:
vcenter:~ # touch /etc/vmware-vpx/ssl/allow_regeneration
Stop all vmware-* services except vmware tools or switch to runlevel 2:
vcenter:~ # init 2
This will trigger same bash function that creates certificates on reboot with "Toggle certificate setting" ON:
vcenter:~ # source vpxd_commonutils; regenerate_certificates
script checks if existing certificate is self signed and if you have different hostname than specified in cert.
If you want to regenerate certificates without checking:
vcenter:~ # source vpxd_commonutils; generate_all_certificates replace
scripts MUST end with VC_CFG_RESULT=0, if not, check if vmware services are stopped
Set "Toggle certificate setting" to OFF or:
vcenter:~ # rm /etc/vmware-vpx/ssl/allow_regeneration
vcenter:~ # reboot
2:
Reboot VCSA
When the appliance starts, the GRUB boot loader shows briefly.
- When it appears, hit the up or down arrow to stop the boot countdown clock (which is only like 2 seconds).
- Following the instructions at the bottom of the screen, hit "p" to enter the unlock password (which is the root password). This will allow you to change the boot-time string.
- Highlight "VMWare vCenter Server Appliance" and press "e" to edit the boot settings.
- Highlight the "Kernel..." line and press "e" to edit the boot string.
- Append a "1" to the end so that it looks like this: "...showopts 1" (minus the quotation marks)
- Press enter, and then "b" to boot.
This will cause the appliance to boot in init level 1 (or single-user maintenance mode). From here, the root password will get you into the console where you can delete /etc/vmware-vpx/ssl/allow_regeneration. Reboot the server when you're done with "shutdown -r now". It shouldn't be necessary to go back into GRUB to remove the "1" you added earlier.
Check my blog, and if my answere resolved the issue, please provide a feedback.
Marco Frias - VMware is my World
www.vmtn.blog
