Hi dharmendrarhce
This error appears if the key length of the root CA is greater than 2048. Keys with 4096 and greater length are causing issues.
If you have a Microsoft CA you can do the following to resolve your issue:
1. Create a CAPolicy.inf in C:\Windows
2. In the CAPolicy.inf put:
[Certsrv_Server]
RenewalKeyLength=2048
RenewalValidityPeriod=Years
RenewalValidityPeriodUnits=10
3. Renew the CA root certificate and accept regenerating the key and you’re done.
4. Reset PSC and VCSA certificate and import the new generated SSL certificates again.
Regards,
Mohamad
Please consider marking this answer "correct" or "helpful" if you think your question have been answered correctly.
Cheers,
@vExpertConsult
www.vexpertconsultancy.com
VCIX-DCV 2018 | VCIX-NV 2019 | VCAP7-CMA Design | vSAN Specialist | vExpert ** | vExpert NSX | vExpert vSAN
