3 Replies Latest reply on Jan 23, 2020 12:39 AM by slivovics

    Solution User for vSphere Replication Cert Expiration?

    nicktalbot77 Lurker

      I currently have a solution user associated with vsphere replication about to expire and I wanted to inquire about the best way to resolve this.  I read that you can reset all solution users with a vmca cert using the utility ("C:\Program Files\VMware\vCenter Server\vmcad\certificate-manager") on vcenter, but I am unsure if that's what I need to do.  This is a distributed environment, vsphere 6 with platform service controllers, 2 vcenters, and SRM enabled.

        • 1. Re: Solution User for vSphere Replication Cert Expiration?
          ntalbot777 Lurker

          I tracked the solution user cert to the replication appliance.  the replication appliance has an option to generate and install a self signed cert.  I am thinking this is the solution I am looking for.

          • 2. Re: Solution User for vSphere Replication Cert Expiration?
            balazs.lovas Enthusiast

            Hi,

             

            Had the same issue this week. I can confirm, that regenerating the self signed certification on the VR appliance AND clicking the Save and Restart button added a new solution user to vCenter with an updated certificate.

            1 person found this helpful
            • 3. Re: Solution User for vSphere Replication Cert Expiration?
              slivovics Lurker

              Falling back on the CLI is not always your first option. thats why I in particular liked the proposed solution above.

              *

              I wanted to unregister the VRA 6.1.2 in my environment as we decided to use IBM Spectrum SRA and had no use for

              the replication Appliance anymore.

              I could not unregister the replication appliance at all, the error keeped me popping that I had a wrong SSO administrator/password combination over & over.

              *

              I detected that the VR selfsigned certificate for the VR solution users Indeed had expired on both instances (one at each site)

              *

              I regenerated the selfsigned certificate, and Indeed needed to stop/restart the VRA.

              *

              I at such stage had 2 VR solution users with renewed self signed certificates

              *

              I was then able to unregister the VRA and get rid of it.

              *

              I preferred to do this at this stage in prior to the migration to vSphere 6.7