I tried to upload a certificate set to our VCSA using the GUI and root account (Administrator). I didn't realize that I had to combine the root and intermediate files into one, so after uploading, resetting and following a guide I found, then rebooting the VCSA, the browser would not connect and showed the following error in Chrome: NET::ERR_CERT_AUTHORITY_INVALID
So, I tried to reset everything in the CLI but got errors doing that, now I'm trying to copy the appended cert file to the VCSA but when I follow the instructions to do that (changing the shell access to allow SCP), whenever I try to SCP the file, I get "Unknown command 'scp'" after it prompts me with the login and password. I did the following:
On the VCSA appliance:
Command> shell.set --enable True
Unknown command: `shell.set'
Command> shell.set --enable true
Unknown command: `shell.set'
Command> shell
Shell access is granted to root
root@myvcsa [ ~ ]# chsh -s /bin/bash root
You are required to change your password immediately (root enforced)
chsh: PAM: Authentication token is no longer valid; new one required
root@myvcsa [ ~ ]# exit
logout
Command> exit
Connection to myvcsa.my.network.com closed.
Trying to SCP the fiile from another Linux host:
$ scp /Documents/VMware/Certificates//Certificate_And_Intermediate_Combined.crt root@myvcsa.my.network.com:/var/tmp/cert-temp
root@myvcsa.my.network.com's password:
Unknown command: `scp'
Yesterday when I tried this, at least the first part didn't throw back an error (shell.set --enable True), but even then it still gave me the same error.
I need to update these certs ASAP. ANy help would be appreciated. Thanks.
EDIT: I was able to SCP the files to the VCSA using the VCSA appliance shell from the host I was trying to copy from originally. Not sure why I could not copy to the VCSA from the host.
try this
https://blog.ukotic.net/2016/09/20/scp-to-a-vcenter-server-appliance-vcsa/
How to allow Shell and SCP access in vCenter 6 Appliance | VIRTUALIZATION BLOG
When I was trying to copy the files using winscp or SCP from the other linux to upload the certificate files to the vCenter Server Appliance krogerfeedback.
The below error basically means your root password is expired. Reset the root password and change shell.
root@myvcsa [ ~ ]# chsh -s /bin/bash root
You are required to change your password immediately (root enforced)
chsh: PAM: Authentication token is no longer valid; new one required
Once you change shell run cat /etc/passwd | grep -i root and make sure the shell is /bin/bash