BugZero | VMware vCenter BugID 7b24604c6523 - If the vCenter certificate mode is set to thumbpri...

VMware vCenter - Defect ID: 7b24604c6523

If the vCenter certificate mode is set to thumbprint, vSphere HA clusters might fail to configure after update to vCenter 8.0 Update 3

VMware vCenter - Defect ID: 7b24604c6523

If the vCenter certificate mode is set to thumbprint, vSphere HA clusters might fail to configure after update to vCenter 8.0 Update 3

Last updated on May 7th, 2026

BugZero Risk Score
0.0 Coming soon

Overall: N/A

Severity: N/A

Community: N/A

Lifecycle: N/A

What is the BugZero Risk Score?

VMware vCenter Integration

Learn more about where this data comes from

VMware vCenter Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Status: Known
Impact Category: Installation, Upgrade, and Migration Issues
Workaround Available:

Description

Disclaimer

A custom bug ID has been generated as the vendor did not provide one: 7b24604c6523

Overview

If for some reason the advanced setting vpxd.certmgmt.mode in a vCenter instance is set to thumbprint , which is recommended only as a fallback option, the primary vSphere HA host might remain active but other vSphere HA clusters fail to configure after update to vCenter 8.0 Update 3. In the fdm.log , you see messages such as: Failed to SSL handshake; SSL(<io_obj p:0x0000002e86fda5f0, h:30, <TCP '10.10.10.10 : 8111'>, <TCP '10.10.10.11 : 11911'>>), e: 167773208(tlsv1 alert unknown ca (SSL routines)), duration: 5msec or Er(163) Fdm[1151234]: --> The remote host certificate has these problems: Er(163) Fdm[1151234]: --> Er(163) Fdm[1151234]: --> * unable to get local issuer certificate) For more information, see Change the ESXi Certificate Mode and KB 372329 .

Workaround

Change the vpxd certificate mode to vmca or custom , depending on your environment

Knowledge Base URLs

https://knowledge.broadcom.com/external/article/372329

Bug URLs

https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/vcenter-server-update-and-patch-release-notes/vsphere-vcenter-server-80u3a-release-notes.html

Change history

2025-11-05 changed to Known

Top VMware vCenter Defects

Defect ID: 3557847
Missing logs in the vCenter log file for vSAN health
Defect ID: 3488172
Login instructions for RSA SecurID Authentication in the vSphere Client might display HTML tags as plain text
Defect ID: 3484244
A rare race condition might cause repeating failovers due to a failure of the vCenter vpxd service or vSphere Client becoming unresponsive
Defect ID: 68adfd8f5272
vSphere Storage vMotion operations might fail in a vSAN environment due to an unauthenticated session of the Network File Copy (NFC) manager
Defect ID: 524f315fc61b
You see large threadmonitor<num>.log files in the vsphere-ui logs directory

Ready to prevent the next vendor outage?

Get a demo

VMware vCenter - Defect ID: 7b24604c6523

If the vCenter certificate mode is set to thumbprint, vSphere HA clusters might fail to configure after update to vCenter 8.0 Update 3

VMware vCenter - Defect ID: 7b24604c6523

If the vCenter certificate mode is set to thumbprint, vSphere HA clusters might fail to configure after update to vCenter 8.0 Update 3

Last updated on May 7th, 2026

BugZero Risk Score0.0 Coming soon

Bug Details

Disclaimer

Overview

Workaround

Knowledge Base URLs

Bug URLs

Links

Top VMware vCenter Defects

Ready to prevent the next vendor outage?

BugZero Risk Score
0.0 Coming soon