Hi, and thanks for the reply.

For the architecture, this is a configuration I´ve already done a few times over the years and that today VMware officially calls a vRA "medium" configuration (with Web and Manager on the same machines). Of course it has the overlapping load balancing instances but that works like a charm and is officially supported. Also, this is a demo installation environment, so I´m not exactly looking for much scalability 🙂

As for the certificate, it is indeed quite strange. I had no problems at all till 7.2 and now it´s happening on 7.3.

I did another installation using the wizard and noted that it places the certificate into the "Personal" and "Trusted People" certificate stores. Tried to do the same but the old manual installer keeps getting certificate check errors. Either it has some sort of bug or it is looking for a complete different certificate.

I noted that the Management Agent also installs a certificate, so I tried installing it but got the same results.

Still on the quest to do a full manual 7.3 installation.

Why aren't you just using the wizard to do the install, in that case? Even with the architecture you want to deploy, you shouldn't need to fall back on the manual IaaS installer. The wizard is capable of all (I think) configurations.

Read the first two lines from my original post

I´m a consultant and part of my job is also to train new team members.

And I had certain issues with some team members that encountered issues using the wizard in the past and were unable to proceed because they simply "wouldn´t go with the manual install because they didn´t know how to do a manual install".

Not that the reason actually matters, cause like I´ve also placed above, I did manage a successful installation using the wizard but now there seens to be an issue with the manual installer.

I just finished up a medium deployment as well although I used the wizard to perform my install. I got hung up on certs a bit too because it looks like if your web/manager services are going to be on the same boxes you only need one cert for that to function instead of a separate cert for each service as you would if they were broken out. The manager service ends up just using the same cert as the web service.

Of course that means that you need your load balanced url for your manager service as a SAN in your web servers cert in order to pull this off. That's the part that was tripping me up, and perhaps it's doing the same for you. Worth taking a second look anyway.. good luck!

Hum... unlikely.

Like I said, since this is a demo, I´m using the same certificates.

I´ve also stumpled upon the Web Site/Manager same machine/same certificate thing (which kind of makes sense since they´re binding to the same port and vRA does not use virtual servers or anything similar to actually separate them).

The certificates when used by the wizard works just fine.

The certificates when used by the manual installer fail.

I´m mostly convinced of two possible explanations:

1 - 7.3 manual installer is bugged and simply doesn´t work (if anyone managed a 7.3 installation using the manual installer, please let me know);

2 - 7.3 manual installer is searching for some other certificate which is not documented and that the wizard automatically (and silently) installs.