Saturday, January 27, 2024

Update certificate/password on vRA cloud account

Symptoms:-

  • vCenter Server Cloud Account username or password has been changed.
  • An existing endpoint in VMware vRealize Automation (Now VMware Aria Automation) needs to be updated with the new credentials.
  • Credentials validation is successful, but then you see the error:
Failed to connect to vCenter: Error: Cannot login due to incorrect username and password
  • The configuration fails to load and the endpoint cannot be saved.
  • Data collection and provisioning to this endpoint fails due to the invalid credentials.

 

1. Log in to vRA, Right-click anywhere, and click on Inspect.


Click on Network tab and press CTRL+R


3. Scroll a bit down and search for Access-Token Row and click on it and navigate to the Response section.



4. Browse to Swagger API from API Documentation and click on Authorize button.





5. Enter Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxx (here xxxxxxxxxx is the Access Token you copied) and hit Authorize.



6. Post performing this - Swagger is now Authorized to vRA and you can use API calls.

7. Press Ctrl + F and search for "Update vSphere cloud account".



In the body pass the following (with proper inputs for hostname, certificate info, password & username) and execute it:

 
{
  "hostName": " ",
  "certificateInfo": {
    "certificate": " -----BEGIN CERTIFICATE-----\nMIIExxxxxxxxxxxxxxxxxxxxxCwUAMIGkMQswCQYD\nVQQDDAJDQTEXMBUGCgmSJomT8ixkARkWB3Zzxxxxxxxxxxxxxxxxxxxxxxb3JuaWExJjAkBgNV\nBAoMHWNhdmEtNi0wMDEtMTQwLmVuZy52bXdhcmUuY29tMRswGQYDVQQLDBJWTXdh\ncmUgRW5naW5lZXJpbmcwHhcNMjMwNDI4MDAzODUyWhcNMjUwNDI3MTIzODUyWjAk\nMRUwEwYDVQQDDAwxMC4yMjUuMS4xNDAxCzAJBgNVBAYTAlVTMIIBojANBgkqhkiG\n9w0BAQEFAAOCAY8AMIIBigKCAYEAvB1xuJbc9dg5WOzt3+th2/rq/Kku6mmkeaBJ\nCKetYbt21QYLEMJ68GFuU9Q/RCs0DiDCmWR3APYxBbL9Hp7cB6PAMkR5PEoQCaHA\nXXJsw3TFPbU8LVmq/VMibAuNGo++4emfUNGGX2PJm5F1S7sPadODGxxxxxxxxxxxxxxxxxxxxxxxxxxxxO9z+/NuAXnXVJwlA==\n-----END CERTIFICATE-----\n "
  },
  "password": " ",
  "username":" "
  }
 
 
 

Ssh to any vRA node appliance and run the below command to get the vCenter certificate info and grab that to run the API above:

 
openssl s_client -connect <vCenterHostname>:443 2> /dev/null | openssl x509 | awk 'NF {sub(/\r/, "");  printf "%s\\n",$0;}'
 
 
 

Grab the certificate starting from "-----BEGIN CERTIFICATE-----\nM" and till "-----END CERTIFICATE-----\n". 

 
 
 

You can get the cloud account id in the URL after %2F  


 


Once, all the info pasted in body, execute the API call.

Go back to vRA cloud account, refresh it and validate the account again. it should be OK now.

For more info, follow KB-https://kb.vmware.com/s/article/88531

Cheers !!



                                                                                                                    


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Edge node vmid not found on NSX manager

  Hello There, Recently , we faced an issue in our NSX-T envrironment running with 3.2.x version. We saw below error message while running t...