VMware Cloud Community
rmcfar
Contributor
Contributor
‎05-30-2016 03:34 AM

VCSVA 5.5 Update 2 upgrade to Update 3d fails

Hello, I am hoping someone can help with this one. We are trying to upgrade our vCenter Server Virtual Appliance from update 2 to update 3d. The update runs OK but after a reboot the vpxd service fails to start and the following error is logged in the vpxd log:

2016-05-30T10:32:14.954Z [7F3B09A61740 error 'linuxvpxLdap_linux'] [LDAP Client] Failed to bind to LDAP with userDN =cn=Administrator,dc=virtualcenter,dc=vmware,dc=int: 0x53 (Server is unwilling to perform)

After this the LDAP daemon does not start and so the vpxd daemon does not start.

I have tried removing/re-adding AD authentication, recreating the SSO entity all to no avail. Is this something that anyone has come across?

Further to this; I have noticed the /etc/VMware-vpx/instance.cfg file does not seem to be fully configured. The only entry it contains is:

ldapHost=127.0.0.1

Before the upgrade this file contains a lot more configuration points. I have tried backing up the instance.cfg file before running the upgrade and then copying this back over once the upgrade is complete. Doing this LDAP then logs invalid credential errors.

Is this something anyone has seen before?

It does seem strange that the update process does not seem to be completely cleanly. I have ran both from the web console and from the CLI in the shell. as no one else ran into issue upgrading from 5.5 Patch 2e to Patch 3d?

Looking at the logs a bit more. Before the first failed upgrade the logs showed:

Executing pre-startup scripts...

Updating the vCenter endpoint in the Lookup Service.

Intializing registration provider...

Getting SSL certificates for https://xxx.xxx.xxx.xxx:7444/lookupservice/sdk

Service with name 'vpxd-hostname-e51de4d6-b8ac-41da-923b-b8cc6aa8b921' and ID 'local:1efff2b4-7d9a-4636-bdec-44342810c363' was updated.

Return code is: Success

They are now showing:

Executing pre-startup scripts...

unable to load certificate

6270:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:650:Expecting: TRUSTED CERTIFICATE

Does anyone know which certificate this would be and how to replace/update it?

Many thanks Roy

Message was edited by: Roy McFarlan

Reply
0 Kudos
0 Replies