Hello,

I have strange problem. We have vSAN 2node + witness. DIT is enabled but while running the file service it shows in vsan healt problem with "root file problem". After disabling DIT, its ok. DIT on vcenter without file service is also working. Does anybody has similar problem ? 

And regarding this problem we recive information that it may be problem of our comercial CA (we have them on vmware, ESXi's and witness). Is there a way to go back to default self sign certyficate ? I tried two ways: first to regenrate and renew certs on ESXi from (config, advanced, certs) and then replace them with rui.cert/key name and restart services (It wasnt work. I lost access by http and to ESXI) and then I tried with commands on ESXI:

/sbin/generate-certificates
/etc/init.d/hostd restart && /etc/init.d/vpxa restart

After that I was able to generate cert but after connecting has problem:

"Disconnected from host: Cannot verify the SSL thumbprint this information"

Thank you community 🙂