daknetworks.com

You are here: Blog vCenter" HTTP Status 500 – Internal Server Error"

vCenter" HTTP Status 500 – Internal Server Error"

CHECK SSL CERTIFICATES IN VCENTER SERVER

https://kb.vmware.com/s/article/2015600

Run the following to check the certificates in vCenter:

for store in $(/usr/lib/vmware-vmafd/bin/vecs-cli store list | grep -v TRUSTED_ROOT_CRLS); do echo "[*] Store :" $store; /usr/lib/vmware-vmafd/bin/vecs-cli entry list --store $store --text | grep -ie "Alias" -ie "Not After";done;

 

Here is the result:

[*] Store : MACHINE_SSL_CERT
Alias : __MACHINE_CERT
            Not After : Jul 30 04:55:53 2022 GMT
[*] Store : TRUSTED_ROOTS
Alias : 1de53225634a45f52840baf7b4a8e7dd6f8f1493
            Not After : Jul 24 16:55:52 2030 GMT
[*] Store : machine
Alias : machine
            Not After : Jul 24 16:55:52 2030 GMT
[*] Store : vsphere-webclient
Alias : vsphere-webclient
            Not After : Jul 24 16:55:52 2030 GMT
[*] Store : vpxd
Alias : vpxd
            Not After : Jul 24 16:55:52 2030 GMT
[*] Store : vpxd-extension
Alias : vpxd-extension
            Not After : Jul 24 16:55:52 2030 GMT
[*] Store : hvc
Alias : hvc
            Not After : Jul 24 16:55:52 2030 GMT
[*] Store : data-encipherment
Alias : data-encipherment
            Not After : Jul 24 16:55:52 2030 GMT
[*] Store : APPLMGMT_PASSWORD
Alias : location_password_default
[*] Store : SMS
Alias : sms_self_signed
            Not After : Jul 29 17:00:11 2030 GMT
[*] Store : wcp
Alias : wcp
            Not After : Jul 24 16:55:52 2030 GMT

 

===================================================

CHECK STS CERTIFICATES IN VCENTER SERVER

https://kb.vmware.com/s/article/79248

-download checksts.py
-python checksts.py

STS certs are valid for 2910 days.
No expired certs.

 

=====================================================

From the info above; __MACHINE_CERT is expired.

https://kb.vmware.com/s/article/82332

https://kb.vmware.com/s/article/2097936

-shutdown vCenter in the ESXi interface.
-take offline snapshot.
-verify the snapshot is complete.
-start the vCenter vm.
-/usr/lib/vmware-vmca/bin/certificate-manager
-press 3
-ran through defaults using the ip address as the hostname and vCENTER as VMCA name.
-wait 15 minutes.
-try vCenter web ui again.

Contact Dak Networks

We are not taking on new clients at this time.