4 Replies Latest reply on Apr 26, 2020 3:59 PM by ctucci

    vCenter 7 Lifecycle Manager Status 404 and Errors when Using Externally Signed Machine SSL Cert

    ctucci Novice

      I upgraded to vSphere 7 in my lab environment and noticed a strange issue that causes Lifecycle Manager not to load and work within vCenter v7.


      I was coming from a VCSA 6.7 install which had an externally signed SSL cert added to replace the Machine Cert in vCenter that way when I load vCenter in web browser, it doesn't complain about a self-signed certificate. Everything worked great.


      When I updated to VCSA 7, the update wizard told me I must reset the certificates back to VCMA certs since something about trust blah blah blah. I followed the KB article it provided which brough my 6.7 back to using vCenter generated self-signed cert. I retried the update to v7 and it worked fine. After upgrade I replaced the Machine SSL certs with my externally signed certs (from Namecheap, domain specific, not wildcard) and vCenter v7 said it was changed successfully and it rebooted the appliance. I can now login to Web UI without annoying warnings, great.


      However, if I click "Lifecycle Manager" in vCenter v7, I get a red bar that pops up over that section that loads that says Status 404 - Error and list a URL that has to do with Lifecycle Manager I guess. And below, nothing loads in Lifecycle Manager, clicking any of the buttons doesn't do anything, or just produces more errors like "An unexpected error has occurred". Similar result if I click "Updates" tab on a host of cluster. Nothing to do with LM loads or works. everything else in VC seems to work fine, including proper serving of the signed SSL cert in my web browser.


      If I go back to Certificate Management and change the Machine SSL cert back to one generated by vCenter as self-signed, after reboot, Lifecycle Manager works again.


      Any ideas? Obviously LM doesn't like something about the externally signed cert even though it works everywhere else.