1 2 Previous Next 23 Replies Latest reply on Jul 17, 2020 1:25 AM by vmjoe

    "Unable to query vSphere health information" and "Unable to query vSAN health information" after certificate replacement - VCSA 6.7U2

    irvingpop_chef Novice

      I attempted to replace my machine cert on my VCSA server.  After a few attempts I gave up and performed a full certificate reset using the `/usr/lib/vmware-vmca/bin/certificate-manager` tool.

       

      Now I'm seeing the following errors in the UI when looking at any Health or vSAN information.   Anyone know how to resolve this?  I upgraded to 6.7.0.40000 and that didn't help.

       

      Screen Shot 2019-10-23 at 11.14.28 AM.png

      Screen Shot 2019-10-23 at 11.14.43 AM.png

      Screen Shot 2019-10-23 at 11.14.54 AM.png

       

      in my /var/log/vmware/vsphere-ui/logs/vsphere_client_virgo.log I see lots of:

      Caused by: com.vmware.vsphere.client.vsandp.core.sessionmanager.common.NotAccessibleException: com.vmware.vim.vmomi.client.exception.SslException: com.vmware.vim.vmomi.core.exception.CertificateValidationException: Server certificate chain is not trusted and thumbprint doesn't match

      at com.vmware.vsphere.client.vsandp.core.sessionmanager.common.PbmClient.getConnection(PbmClient.java:70)

      at com.vmware.vsphere.client.vsan.base.impl.PbmDataProvider.getProfileIds(PbmDataProvider.java:181)

      at com.vmware.vsphere.client.vsan.base.impl.PbmDataProvider.getStoragePolicies(PbmDataProvider.java:131)

      at com.vmware.vsphere.client.vsan.base.impl.PbmDataProvider.getObjectCompatibleStoragePolicies(PbmDataProvider.java:118)

      ... 119 common frames omitted

      Caused by: com.vmware.vim.vmomi.client.exception.SslException: com.vmware.vim.vmomi.core.exception.CertificateValidationException: Server certificate chain is not trusted and thumbprint doesn't match

      at com.vmware.vim.vmomi.client.common.impl.ResponseImpl.setError(ResponseImpl.java:256)

      at com.vmware.vim.vmomi.client.http.impl.HttpExchange.run(HttpExchange.java:56)

      at com.vmware.vim.vmomi.client.http.impl.HttpProtocolBindingBase.executeRunnable(HttpProtocolBindingBase.java:226)

      at com.vmware.vim.vmomi.client.http.impl.HttpProtocolBindingImpl.send(HttpProtocolBindingImpl.java:106)

      at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl$CallExecutor.sendCall(MethodInvocationHandlerImpl.java:629)

      ...

        1 2 Previous Next