VMware Cloud Community
Dr_Virt
Hot Shot

Trusted Certificates

Trying to implement multitenancy on VRA 8.4.

We are using private certificates within the datacenter. We have installed internally trusted certificates to the IDM appliance with multiple SANs. When running the multitenancy request from LCM, it fails with "Failed to validate if the certificate on the host xxxxx contains a SAN entry for the tenant xxxxx."

The certificate on the IDM has the SAN. It seems that the LCM cannot validate the private root CA. We uploaded the certificates to the /opt/vmware/vlcm/certs directory and rolled them into the /etc/pki/tls/certs/ca-bundle.crt file. 

Any ideas on how to get LCM to trust our private root?


Accepted Solutions
Dr_Virt

Figured out that LCM is specifically only checking the SAN field. Added the name to the SAN specific field, not the certificate name, and it resolved the issue.
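
One way to confirm which names a certificate actually carries in its SAN extension before rerunning the LCM request, as an added example that is not part of the original post and not VMware's validation code. The hostnames and the helper names (`san_dns_names`, `san_has_name`, `make_test_cert`) are assumptions, and the certificates are constructed throwaway ones generated with `openssl`.

```shell
#!/bin/sh
# Added example: inspect only the SAN extension of a certificate, ignoring the CN.

# Print each DNS entry of the SAN extension of PEM certificate $1, one per line.
san_dns_names() {
    openssl x509 -in "$1" -noout -text 2>/dev/null |
        grep -A1 'X509v3 Subject Alternative Name' | tail -n 1 |
        tr ',' '\n' | sed -n 's/^[[:space:]]*DNS://p'
}

# Succeed only if name $2 is a SAN DNS entry of certificate $1.
# Exact, case-insensitive match; wildcard entries are not expanded.
san_has_name() {
    san_dns_names "$1" | grep -qixF -e "$2"
}

# Build a throwaway self-signed certificate (constructed test data).
# $1 = output path prefix, $2 = subject CN, $3 = SAN list or empty string.
make_test_cert() {
    cfg="$1.cnf"
    printf '[req]\ndistinguished_name=dn\nprompt=no\n' > "$cfg"
    if [ -n "$3" ]; then printf 'x509_extensions=ext\n' >> "$cfg"; fi
    printf '[dn]\nCN=%s\n' "$2" >> "$cfg"
    if [ -n "$3" ]; then printf '[ext]\nsubjectAltName=%s\n' "$3" >> "$cfg"; fi
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$cfg" \
        -keyout "$1.key" -out "$1.pem" 2>/dev/null
}

# Constructed names: the tenant FQDN appears only as CN in the first certificate
# and as a SAN entry in the second.
tenant=tenant1.idm.example.internal
work=$(mktemp -d)
make_test_cert "$work/cn_only" "$tenant" ""
make_test_cert "$work/with_san" idm.example.internal \
    "DNS:idm.example.internal,DNS:$tenant"

for c in cn_only with_san; do
    if san_has_name "$work/$c.pem" "$tenant"; then
        echo "$c: $tenant present in SAN"
    else
        echo "$c: $tenant missing from SAN"
    fi
done
rm -rf "$work"
```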
