Find the fingerprint by going to the details tab and looking for the “Thumbprint” attributes. Now open the sts.cer file with certmgr.exe on a windows machine or similar program. Open up a text editor and paste this string into the file and save it as sts.cer someplace safe. It’ll look like a long string of garbled text.
When you find this, copy the sslTrust value from the line preceding this sts/STS string you searched for. You’ll find this string in a URL down on the page. When you’ve removed the other tag information in that window click “Invoke Method”Īfter you’ve done this, to a find on that page for “sts/STS”. Once you’ve logged in, you’ll want to modify the information in the “Value” box so that it only contains the filterCriteria tags like the screenshot below. The first thing you want to do is go to your PSC’s managed object browser to find the old fingerprint. While the KB article does an adequate job of describing the fix, hopefully my screenshots will help add some additional color if you’re trying to go through the same thing. The following KB article covers how to fix this. It turns out that NSX won’t connect because it’s getting the wrong fingerprint back from vCenter.
When I tried to connect my NSX Manager to my vCenter I’d get an error stating that the certificate change was not verified, like the following: I’m hoping this gets more focus soon from VMware. I thought that I was doing the right thing for security, but VMware made it more painful for me to do the right thing. This is particularly annoying because as I found out later, if I’d have just left my self-signed certificates in tact, I would never have had to deal with this.
Specifically, after the update, NSX wouldn’t connect to the lookup service. However, after I replaced the default self-signed certificates I had a few new problems. I updated my vSphere lab to version 6.5 and moved to the vCenter Server Appliance (VCSA) as part of my updates. As part of this process, I’ve updated my certificates so that all of my URLs have the nice trusted green logo on them. Recently, I’ve been going through and updating my lab so that I’m all up to date with the latest technology.
0 kommentar(er)
