VMware Cloud Community
ncolyer
Enthusiast
Enthusiast

vRA8 - Can't add vCenter

Hey everyone,

I'm getting this error every time I try to add any of my vCenters to vRA8.

Unable to validate the provided access credentials: Failed to validate credentials. Error: Failed to connect to vCenter: Your certificate may be untrusted. To trust the certificate validate your account credentials and accept the untrusted certificate. Save your cloud account after validation succeeds. Error: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Cloud account: null Task: /provisioning/endpoint-tasks/261cdb286c4ad07559d52415ad8

I have tried restarting the vRA appliance. I've also tried a couple of vCenters and both throw the same error. Nothing pops up to validate any certificate. Curious if anyone else has encountered this?

Thanks,

Nick

6 Replies
stevedrummond
Hot Shot
Hot Shot

Have you got a proxy configured?

If you do, you need to disable the Proxy to add the vCenter server and accept the certificate. Once you have accepted the certificate you can re-add the proxy and the endpoint will continue to work fine. This occurs even on 8.0.1 HF1.

There is a fix you can get if you register a support case with GSS which fixes this proxy issue (and other proxy issues for the provisioning-service); I assume it will publicly available in HF2/8.1.

ncolyer
Enthusiast
Enthusiast

I don't think I have a proxy configured, or at least I don't remember setting one up during the initial config. Any ideas where I go to disable it? I'll also check the docs and see if i can find something.

Reply
0 Kudos
stevedrummond
Hot Shot
Hot Shot

SSH to the appliance and run vracli proxy show.

In the resulting output look for Enabled: true|false.

You can only set it through vracli so if you don't remember doing it it's unlikely to be enabled.

Have you tailed the provisioning-service pod logs to see what's happening?

Reply
0 Kudos
hk2020
Contributor
Contributor

Similar error is reported when github enterprise integration is attempted. Not sure if there is a way to manually import the certificate and then attempt the integration.

Reply
0 Kudos
prydin
VMware Employee
VMware Employee

I just ran into the same issue. Were able to resolve it? Disabling the proxy didn't help in my case.

Reply
0 Kudos
glanzmann
Enthusiast
Enthusiast

Hello,

I had the same issue. I issued a letsencrypt certificate for my vCenter and applied it. Afterwards I was able to add the vCenter.

Cheers,

Thomas

Reply
0 Kudos