Agamen0n
Contributor
Contributor

Importing certificate into vCenter fails with Error occurred while fetching tls: Exception found (0)

Using vCenter web UI when I try to import a custom certificate, respective private key and the associated certificate chain I get the error "Error occurred while fetching tls: Exception found (0)". It is worth noticing that the output below is reproducible only with a CSR generated via OpenSSL for Windows, if I use the vCenter web UI to generate the CSR, this issue is not reproducible.

If I lookup in the certificate log (/var/log/vmware/certificatemanagement/certificatemanagement-svcs.log) I see a Java exception (see below), does anyone know what is generating this error? I have checked tht the certificate and key are correctly generated and belong to each other and the certificate bundle I am using is in production use widely accross the company.

2021-01-23T17:47:21.321Z [tomcat-exec-29 ERROR com.vmware.certificatemanagement.vapi.impl.TlsProviderImpl opId=] Exception was thrown while executing set:
java.lang.ArrayIndexOutOfBoundsException: 0
at com.vmware.certificatemanagement.impl.SSLCertificate.replace(SSLCertificate.java:544)
at com.vmware.certificatemanagement.vapi.impl.TlsProviderImpl.set(TlsProviderImpl.java:86)
at com.vmware.vcenter.certificate_management.vcenter.TlsApiInterface$SetApiMethod.doInvoke(TlsApiInterface.java:43)
at com.vmware.vapi.internal.bindings.ApiMethodSkeleton.invoke(ApiMethodSkeleton.java:232)
at com.vmware.vapi.provider.ApiMethodBasedApiInterface.invoke(ApiMethodBasedApiInterface.java:86)
at com.vmware.vapi.provider.local.LocalProvider.invokeMethodInt(LocalProvider.java:406)
at com.vmware.vapi.provider.local.LocalProvider.invoke(LocalProvider.java:277)
at com.vmware.vapi.provider.introspection.ErrorAugmentingFilter.invoke(ErrorAugmentingFilter.java:73)
at com.vmware.vapi.authz.impl.AuthorizationFilter.invoke(AuthorizationFilter.java:237)
at com.vmware.vapi.provider.introspection.ErrorAugmentingFilter.invoke(ErrorAugmentingFilter.java:73)
at com.vmware.vapi.security.AuthenticationFilter$1.setResult(AuthenticationFilter.java:180)
at com.vmware.vapi.security.AuthenticationFilter$1.setResult(AuthenticationFilter.java:166)
at com.vmware.vapi.cis.authn.SamlTokenAuthnHandler.authenticate(SamlTokenAuthnHandler.java:61)
at com.vmware.vapi.security.AuthenticationFilter.invoke(AuthenticationFilter.java:165)
at com.vmware.vapi.protocol.server.msg.json.JsonServerConnection.processApiRequest(JsonServerConnection.java:396)
at com.vmware.vapi.protocol.server.msg.json.JsonServerConnection.requestReceived(JsonServerConnection.java:229)
at com.vmware.vapi.protocol.server.rpc.http.impl.HttpStreamingServlet.doPostImpl(HttpStreamingServlet.java:119)
at com.vmware.vapi.protocol.server.rpc.http.impl.HttpStreamingServlet.doPost(HttpStreamingServlet.java:88)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:660)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:798)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:808)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)

Labels (1)
0 Kudos
2 Replies
scott28tt
VMware Employee
VMware Employee

@Agamen0n 

Moderator: Moved to vCenter Server Discussions

0 Kudos
Agamen0n
Contributor
Contributor

This is fixed it was a between chair and keyboard type of issue 🙂 I was connecting to the wrong server ip.

Tags (1)