cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
INSE-W
Ctrl-Alt-Del
Posts: 15
Registered: ‎06-06-2017
Location: CH
Views: 941
Message 1 of 3

Issue with customized signed server certificate on LXCI for VMware vCenter v5.4.0

Hi community

 

I deployed a brand new base installation of Lenovo XClarity Integrator for VMware vCenter version 5.4.0 (newest available). I was able to deploy and configure the appliance. Even the vCenter registration worked right away with the appropriate account!

 

However, if I want to import a customized signed server certificate from our internal CA I always get the following error after the upload of the signed CSR:

Failed to upload certificate:[Errno 2] No such file or directory

 

I tried several times, even after a complete reboot of the appliance. I tried with FQDN, shortname and the option "Generated by LXCI" as CN but I always receive the same error. 

 

--> Could this be a bug in the v5.4.0 ?

 

CSR can be generated without any issue and can be read by our CA. Has anyone the same issue?

 

Thank you,

INSE-W.

mavatko
Fanfold Paper
Posts: 23
Registered: ‎08-23-2016
Location: SK
Views: 934
Message 2 of 3

Re: Issue with customized signed server certificate on LXCI for VMware vCenter v5.4.0

Apply Fix Patch
https://support.lenovo.com/sk/en/solutions/lnvo-vmware

Lenovo XClarity Administrator Virtual Appliance Fix Patch 2
Change History
-lnvgy_sw_vmuim_5.4.0_fp1:
This fix patch fix csrf problem when uploading certificate to Lenovo XClarity Integrator virtual appliance

-lnvgy_sw_vmuim_5.4.0_fp2:
This fix patch updates the new eSupport certs that are used by OneCli to Lenovo XClarity Integrator virtual appliance.
The old eSupport certs will expire by 08/24, 2018.

Version 5.4.0, June. 29, 2018
- Fix to 5.4.0

 

INSE-W
Ctrl-Alt-Del
Posts: 15
Registered: ‎06-06-2017
Location: CH
Views: 876
Message 3 of 3

Re: Issue with customized signed server certificate on LXCI for VMware vCenter v5.4.0

Hi mavatko

 

Thank you for your reply. I was finally able to import a custom certificate into LXCI. However, I had to implement some more steps:

 

- Deploy new v.5.4.0 appliance

- Set up the appliance

- Reboot appliance

- Apply Fix Patch 1 & 2

- Reboot appliance

- Generate CSR, sign CSR and import certificate (Base64 encoded, PEM format)

 

--> Important: Other than it is described in the documentation, the certificate does not have to have the full certificate path. I received an error with the the full chain. It is enough to just import the certificate without the root certificate from the CA.

Check out current deals!


Shop current deals