Replacing vCenter Server Certificates Rollback at 85%
Today I was replacing VMCA certificates by an ADCS (Active Directory Certificate Service) signed certificate, which everything went well except when I imported my certificate, the procedure stuck at 85 percent and rollbacked. and show you an error with this title.
Status : 85% Completed [starting services…]
Error while replacing Machine SSL Cert, please see /var/log/vmware/vmcad/certificate-manager.log for more information.
When you go to read the “certificate-manager.log”, you see an entry like this:
Error Failed to start vmon services.vmon-cli RC=1
After a lot of searching on the internet, I sum up with this good article which helps me to solve my problem. The procedure is very simple, you just need to change the file permission of /etc/vmware/.buildInfo from 640 back to 444, SSH to your vCenter Server with root user and type following commands:
shell
chmod 444 /etc/vmware/.buildInfo
Go and reimport your certificate.
Thanks a lot for publishing this. I passed your hint on to a colleague, who told me that he was stuck at the exact same 85% in a VCSA 6.5 certificate replacement operation.
I hope this is informative for your colleague.