fehret
Enthusiast
Enthusiast

vCenter 6.7 update 1 VAMI certificate issue after update

Dear all,

In my lab, I've tried a migration from vCenter 6.5 update 2 to vCenter 6.7 update 1.

Sadly, "as usual", I get the same error as described here : VMware Knowledge Base (I've had this error many times in updates)

Important things to know : I've a custom intermediate CA generated by an MS ADCS (don't think it changes anything if it is ADCS or another custom CA though)

Unfortunaly, the fix fix doesn't work anymore.

Would you have any idea why ? Probably something has changed ion the certificate handling...

Thanks in advance ! 😉

0 Kudos
2 Replies
fehret
Enthusiast
Enthusiast

No one ? 🙂

0 Kudos
brtlvrs
Enthusiast
Enthusiast

Hi,

I had the same question and also made a support request.

The info in the KB article doesn't help.

But I got it to work.

The steps are as followed:

.1 download the web-client certificate via a webbrowser

.2 if needed, download also the intermediate CA and CA certificates

.3 download the certificate key that was created when creating the web-client certificate.

.4 create a vami.pem file which contains the content of the downloaded files in the following order

     <key file>

     <web-client certificate>

     <intermediate CA certificate>

     <CA certificate>

.5 upload the vami.pem file to /etc/applmgmt/appliance

.6 edit the file /opt/vmware/etc/lighttpd/lighttpd.conf , first make a backup of this file

     find the line  that starts with ssl.ca-file

     change it to ssl.ca-file="/etc/applmgmt/appliance/vami.pem".7 restart the VAMI service

    /etc/init.d/vami-lighttp restart

Please consider marking this answer "CORRECT" or "Helpful" if you think your question have been answered correctly.
0 Kudos