Getting Error: SSL Certificate common name doesn’t match ESXi FQDN

SSL Certificate common name doesn’t match ESXi FQDN

While Configuring VMWare Cloud Foundation you might come across the below Error: “Error Connecting to ESXi host” “SSL Certificate common name doesn’t match ESXi FQDN”

VMware Cloud Foundation Cloud Builder will validate data provided in the configuration file and elements of the physical infrastructure. Select Platform Review Prerequisites Prepare Configuration Validate Configuration Errors found during configuration file validatiotm Proceed with cautiorL History Current BACK Validation Items JSON Spec Validation Cloud Builder Configuration Validation DNS Resolution Validation Preparing Security Requirements tor Running Validation Error connecting to ESXi host SSL Certificate common name doesn't match ESXi FODN Error connecting to ESXi host SSL Certificate common name doesn't match ESXi FODN Error connecting to ESXi host SSL Certificate common name doesn't match ESXi FODN Error connecting to ESXi host SSL Certificate common name doesn't match ESXi FQDN ESXi Host Configuration Validation vSAN Disk Availability Validation License Key Validation Password Validation o Deploy Cloud Foundation Acknowledge DOWNLOAD PRINT Status @ Success @ Success @ Success Warning Skipped Skipped Skipped Skipped RETRY

Generally, this error is an outcome of the Host name not matching the Certificate which was created at the time of Installation of the ESXi Host.

This error can be corrected using the below Steps:

  • Set the Hostname using the below Command:
[root@sddc-esxi4:~] esxcli system hostname set --fqdn=sddc-esxi4.vmlabs.com
  • Once done you can now generate a New Certificate for the ESXi Host using the below command:
[root@sddc-esxi4:~] /sbin/generate-certificates
  • Once done you can now restart the ESXi Host.
[root@sddc-esxi4:~] reboot
SDDC-ESXM IO SDDC-ESXi2 IO SDDC-ESXi3 O SDDC-ESXi4 Using username Keyboard—interactive authentication prompts from server: End of keyboard—interactive prompts from server The time and date of this login have been sent to Che system Icgs . WARNING All corunands run on Che ESXi shell are logged and may be included in support bundles. Do not provide passwords directly on the coruuand line . Most Cools can prompt for secrets or accept them f 10m standard input . •v%ware offers supported, powerful system administration Cools . see www.vmware . com/go/sysadmintools for details Please The ESXi Shell can be disabled by an administrative user. See Che v Sphere Security documentation for more information. : —l esxcli system hostname set esxcli system hostname set . vmlabs . com : —l /sbin/ generate—certificates "'etc/ init . d/ hostd restart /ecc/inic .d/vpxa restart watchdog—hoscd: Terminating watchdog process with PID S2608S S2SSS7 hostd stopped. /usr/lib/vmware/hostd/bin/ create—scatsscore . py: 30: DeprecationWarning: import ppzsilib as vsi hostd started. watchdog—vpxa: Terminating watchdog process with PID 526493 '.rpxa stopped . '.rpxa started. I reboot pyrsilib is replaced by vmware . vsi

Ashutosh Dixit

I am currently working as a Senior Technical Support Engineer with VMware Premier Services for Telco. Before this, I worked as a Technical Lead with Microsoft Enterprise Platform Support for Production and Premier Support. I am an expert in High-Availability, Deployments, and VMware Core technology along with Tanzu and Horizon.

Leave a Reply