SYMPTOMS
-the vSphere Client has a red bar complaining about not being able to connect to SSO.
-vmware HTTP Status 500 – Internal Server Error
-no healthy upstream
REASON
The certificates have expired on the system.
RESOLUTION
Need to regenerate all the certificates.
Either user VCSA:
-networking > edit
-next > next
-password
-finish
-let VCSA finish
or
/usr/lib/vmware-vmca/bin/certificate-manager
8
-Fill in as appropriate.
-Wait about 15 minutes.
-Success
If this results in "no healthy upstream", then usually there is a hostname mismatch or an ip address mismatch. Seems like Dell services just used the ip address for everything.
Here are the settings used:
==================================================
Option[1 to 8]: 8
Do you wish to generate all certificates using configuration file : Option[Y/N] ? : Y
Please provide valid SSO and VC privileged user credential to perform certificate operations.
Enter username [
Enter password:
Please configure certool.cfg with proper values before proceeding to next step.
Press Enter key to skip optional parameters or use Default value.
Enter proper value for 'Country' [Default value : US] :
Enter proper value for 'Name' [Default value : CA] :
Enter proper value for 'Organization' [Default value : VMware] :
Enter proper value for 'OrgUnit' [optional] : VMware Engineering
Enter proper value for 'State' [Default value : California] :
Enter proper value for 'Locality' [Default value : Palo Alto] :
Enter proper value for 'IPAddress' (Provide comma separated values for multiple IP addresses) [optional] : 192.168.26.20
Enter proper value for 'Email' [Default value :
Enter proper value for 'Hostname' (Provide comma separated values for multiple Hostname entries) [Enter valid Fully Qualified Domain Name(FQDN), For Example : example.domain.com] : 192.168.26.20
Enter proper value for VMCA 'Name' :192.168.26.20
Continue operation : Option[Y/N] ? : Y
==================================================