Loading...
Loading...
Certificate Replacement with Custom Certificates fails on vCenter Server 6.x with lstool get-site-id failed error messageCertificate Manager log shows similar to below messages 2016-04-11T17:05:12.2Z ERROR certificate-manager Error while replacing Machine SSL Cert, please see /var/log/vmware/vmcad/certificate-manager.log for more information.2016-04-11T17:05:12.3Z ERROR certificate-manager 'lstool get-site-id' failed: 12016-04-11T17:05:12.3Z INFO certificate-manager Performing rollback of Machine SSL Cert...Log location:VCSA - /var/log/vmware/vmcad/certificate-manager.logWindows vCenter Server - %ProgramData%\VMware\vCenterServer\logs\vmca\certificate-manager.log
This issue can happen while trying to replace Machine SSL of vCenter Server 6.x using Custom Certificate with an unsupported Signature Algorithm RSASSA-PSS
To resolve the issue follow the steps below: Regenerate the Certificate with a Supported Signature Algorithm (Eg. SHA256) and proceed with certificate replacement to fix the issue. Refer to Article Replacing a vSphere 6.x Machine SSL certificate with a Custom Certificate Authority Signed Certificate to replace the Machine SSL Certificate
Refer to VMware Doc Certificate Requirements for Different Solution Paths for more information on unsupported signature algorithms
Click on a version to see all relevant bugs
VMware Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.