We are running a local vSphere server without internet breakout. Without us noticing, the sts and ssl certificates of the server expired. Because of this, we are unable to log in to the SSO vCenter from a web browser. Thus, we are attempting to address this issue from the windows host OS side. When running the certificate-manager, we are unable to renew the system certificates because upon request for authentication, the password is always seen as incorrect, even though we know it is correct (we have even reset the password using the admin tool to be sure). This happens with all eight of the possible options.
Did you ever get this fixed? If so, how? I am having the same issue, and VMWare support is inept as usual.
I did get it fixed. It's not elegant, but repetitively resetting password and retrying got me to a point where it suddenly did accept the password. For me, it was somewhere after round 30 of attempts of password reset and retry.
Thank you so much ! Without your fix, i would never try it so many times (for me about 20 🙂 ).
But what it is for stupidity from vmware ?! If i didn't have same problem, i would say the solution is nonsence...
Thank you once more.
And I bet you it was a bad character in the password plus a different keyboard layout. You may had @ symbol in the password but the layout was of the keyboard produced " instead of @
As for STS expiration here is a solution :
Copy and paste has nothing to do with keybord layout !
It could happen that you copied white space.
My issue was that the default username provided was Administrator@vsphere.local instead of administrator@vsphere.local:
Do you wish to generate all certificates using configuration file : Option[Y/N] ? : Y
Please provide valid SSO and VC privileged user credential to perform certificate operations.
Enter username [Administrator@vsphere.local]:administrator@vsphere.local <----- I kept accepted the default value here until I realized
Enter password:
Please configure certool.cfg with proper values before proceeding to next step.
Press Enter key to skip optional parameters or use Default value.
Enter proper value for 'Country' [Default value : US] :
Ran into the same issue. Found this article that provides instructions on how to reset password for Administrator@vsphere.local user account. After resetting password I was able to authenticate Certificate Manager. I hope this helps someone else too.