Hi,
I am experiencing issues when using the Automation Tool (ESXi 5.1 Update 1).
When following the step-by-step process:
1. Update the Single-Sign on SSL Certificate
Once this certificate is updated we find we can no longer log into the MOB. However, we continue onto the next steps regardless:
2. Update Inventory Service trust to Single Sign-On
3. Update the Inventory Service SSL Certficiate
4. Update vCenter Server trust to Single Sign-On
Then at step 5 it fails: Update the vCenter Server SSL Certificate
The errors are: HTTP ERROR: Unable to read or open Page
HTTP ERROR: 401 Basic Auth Error
We are 100% sure the password are correct (unless these are being changed by something else in this process?) and all of our certificates look ok.
Hi,
MOB should be enabled for SSL Tool to working see known issues in KB below:
VMware KB: Deploying and using the SSL Certificate Automation Tool 1.0.x
Regards,
P.
Hi,
I had exactly the same issue on 5.5.
I'm not exactly sure what the problem was but after I did below it worked fine...
Reverted to a snapshot I had taken on VC server after I had generated and modified the certs but before I had updated the certs.
Or you could roll back using Cert Tool?
Domain service account for VC server and SQL and the administrator@vsphere.local had exclamation marks in the passwords.
I changed passwords to remove this.
The domain service account was local admin on the VC server but I hadn't given permissions for this account in vCenter.
I added the domain service account as an Administrator under Single Sign On in the web client.
I added the domain service account as an Administrtor to the vCenter Server in the web client.
After that updating of all the certs ran smoothly.
Hope this helps?
Cheers,
Steve
@sjmeyers thanks this has solved my issue. To make it short, I've seen the same "HTTP Error
401
: basic auth failed" error for any attempts to replace various certificates for the components, e.g.:
---------- C:\PROGRAMDATA\VMWARE\VMWARE VIRTUALCENTER\VPXD.CFG
[Wed
07
/
05
/
2017
-
15
:
41
:
58.90
]: Validating the input parameters...
STATE :
4
RUNNING
HTTPError: Unable to open or read page.
HTTP Error
401
: basic auth failed
[Wed
07
/
05
/
2017
-
15
:
42
:
27.08
]:
"Cannot log in to vCenter."
[Wed
07
/
05
/
2017
-
15
:
42
:
27.09
]: The vCenter certificate update failed.
The solution was to add vsphere administrator rights for the local Windows user the vCenter service is running with.