VMware Cloud Community
LBeneke
Contributor
Contributor
‎10-02-2021 09:56 AM

Certificate-manager always gives incorrect password error, even for valid credentials

We are running a local vSphere server without internet breakout. Without us noticing, the sts and ssl certificates of the server expired. Because of this, we are unable to log in to the SSO vCenter from a web browser. Thus, we are attempting to address this issue from the windows host OS side. When running the certificate-manager, we are unable to renew the system certificates because upon request for authentication, the password is always seen as incorrect, even though we know it is correct (we have even reset the password using the admin tool to be sure). This happens with all eight of the possible options.

0 Kudos
8 Replies
waterninja
Contributor
Contributor
‎02-14-2022 07:30 AM

Did you ever get this fixed? If so, how? I am having the same issue, and VMWare support is inept as usual.

0 Kudos
LBeneke
Contributor
Contributor
‎02-14-2022 08:07 PM

I did get it fixed. It's not elegant, but repetitively resetting password and retrying got me to a point where it suddenly did accept the password. For me, it was somewhere after round 30 of attempts of password reset and retry.

0 Kudos
Papousek
Contributor
Contributor
‎08-24-2022 02:21 PM

Thank you so much ! Without your fix, i would never try it so many times (for me about 20 🙂 ).

But what it is for stupidity from vmware ?! If i didn't have same problem, i would say the solution is nonsence...

 

Thank you once more.

0 Kudos
ptarnawski
Hot Shot
Hot Shot
‎08-25-2022 02:51 AM

And I bet you it was a bad character in the password plus a different keyboard layout. You may had @ symbol in the password but the layout was of the keyboard produced " instead of @ 

 

As for STS expiration here is a solution : 

https://angrysysops.com/2021/07/05/how-to-check-if-sts-certificate-is-about-to-expire-or-expired-alr...

 



Visit my blog:AngrySysOps.com
YT: AngryAdminYoutube
Visit my:Xwitter


If my answer has successfully addressed your issue, kindly mark it as RESOLVED. If it has provided valuable assistance, consider giving it a KUDOS. Thanks
0 Kudos
Papousek
Contributor
Contributor
‎08-25-2022 05:07 AM

Copy and paste has nothing to do with keybord layout !

0 Kudos
ptarnawski
Hot Shot
Hot Shot
‎08-25-2022 05:16 AM

It could happen that you copied white space. 



Visit my blog:AngrySysOps.com
YT: AngryAdminYoutube
Visit my:Xwitter


If my answer has successfully addressed your issue, kindly mark it as RESOLVED. If it has provided valuable assistance, consider giving it a KUDOS. Thanks
0 Kudos
gvidals96
Contributor
Contributor
‎07-20-2023 07:50 PM

My issue was that the default username provided was Administrator@vsphere.local instead of administrator@vsphere.local:

Do you wish to generate all certificates using configuration file : Option[Y/N] ? : Y

Please provide valid SSO and VC privileged user credential to perform certificate operations.
Enter username [Administrator@vsphere.local]:administrator@vsphere.local  <----- I kept accepted the default value here until I realized
Enter password:

Please configure certool.cfg with proper values before proceeding to next step.

Press Enter key to skip optional parameters or use Default value.

Enter proper value for 'Country' [Default value : US] :

0 Kudos
turkadurka
Contributor
Contributor
‎11-08-2023 02:34 PM

Ran into the same issue. Found this article that provides instructions on how to reset password for Administrator@vsphere.local user account. After resetting password I was able to authenticate Certificate Manager. I hope this helps someone else too.

https://kb.vmware.com/s/article/2146224

0 Kudos