mportant;">1. Vcenter证书过期修复2
和https://blog.csdn.net/qq_29974229/article/details/127439493有一点区别.
上次这个vc6.5,这次是vc6.7
用fixsts.sh修复过后任然启动报错
启动服务时,报错内容如下:
root@ebs-app-vc [ ~ ]# service-control --start --allOperation not cancellable. Please wait for it to finish... Performing start operation on service lwsmd... Successfully started service lwsmd Performing start operation on service vmafdd... Successfully started service vmafdd Performing start operation on service vmdird... Successfully started service vmdird Performing start operation on service vmcad... Successfully started service vmcad Performing start operation on service vmware-sts-idmd... Successfully started service vmware-sts-idmd Performing start operation on service vmware-stsd... Successfully started service vmware-stsd Performing start operation on service vmdnsd... Successfully started service vmdnsd Performing start operation on profile: ALL... Service-control failed. Error: Failed to start services in profile ALL. RC=1, stderr=Failed to start eam, sca, sps, vpxd, content-library, cis-license, vsphere-client, vsphere-ui, analytics, vapi-endpoint, statsmonitor, vmware-postgres-archiver, vsan-health, vpxd-svcs services. Error: Operation timed out
主要是
管理页面也是503报错
503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http20NamedPipeServiceSpecE:0x0000558db7faee10] _serverNamespace = / action = Allow _pipeName =/var/run/vmware/vpxd-webserver-pipe)
2. 修复方法
执行命令
/usr/lib/vmware-vmca/bin/certificate-manager
选择第四个,重新生成新的VMCA根证书并替换所有证书
root@ebs-app-vc [ ~ ]# /usr/lib/vmware-vmca/bin/certificate-manager _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ | | | *** Welcome to the vSphere 6.7 Certificate Manager *** | | | | -- Select Operation -- | | | | 1. Replace Machine SSL certificate with Custom Certificate | | | | 2. Replace VMCA Root certificate with Custom Signing | | Certificate and replace all Certificates | | | | 3. Replace Machine SSL certificate with VMCA Certificate | | | | 4. Regenerate a new VMCA Root Certificate and | | replace all certificates | | | | 5. Replace Solution user certificates with | | Custom Certificate | | | | 6. Replace Solution user certificates with VMCA certificates | | | | 7. Revert last performed operation by re-publishing old | | certificates | | | | 8. Reset all Certificates | |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|Note : Use Ctrl-D to exit.## 这里选择4Option[1 to 8]: 4
3. 重置密码
Do you wish to generate all certificates using configuration file : Option[Y/N] ? : y Please provide valid SSO and VC privileged user credential to perform certificate operations. Enter username [Administrator@vsphere.local]: Enter password:
这里有可能是在输入Administrator@vsphere.local密码的时候发现密码是错误的.
如果密码知道就没必要重置了
root@photon-machine [ ~ ]# /usr/lib/vmware-vmdir/bin/vdcadmintool==================Please select:0. exit1. Test LDAP connectivity2. Force start replication cycle3. Reset account password4. Set log level and mask5. Set vmdir state6. Get vmdir state7. Get vmdir log level and mask==================3 Please enter account UPN : administrator@vsphere.local New password is -# 下面这行就是密码,复制粘贴到上面那个地方,等web控制端起来了后再进去修改密码ZIP|*|*6:o=NnzoU/8P1==================Please select:0. exit1. Test LDAP connectivity2. Force start replication cycle3. Reset account password4. Set log level and mask5. Set vmdir state6. Get vmdir state7. Get vmdir log level and mask==================0
4. 修复完成
下面这部分其实用默认的就可以了.也可以自定义,反正不记得就用默认的好了
Please configure certool.cfg with proper values before proceeding to next step. Press Enter key to skip optional parameters or use Default value. Enter proper value for 'Country' [Default value : US] : Enter proper value for 'Name' [Default value : CA] : Enter proper value for 'Organization' [Default value : VMware] : Enter proper value for 'OrgUnit' [Default value : VMware Engineering] : Enter proper value for 'State' [Default value : California] : Enter proper value for 'Locality' [Default value : Palo Alto] : Enter proper value for 'IPAddress' (Provide comma separated values for multiple IP addresses) [optional] : 192.168.101.221 Enter proper value for 'Email' [Default value : email@acme.com] : Enter proper value for 'Hostname' (Provide comma separated values for multiple Hostname entries) [Enter valid Fully Qualified Domain Name(FQDN), For Example : example.domain.com] : server.acme.com Enter proper value for VMCA 'Name' :pana You are going to regenerate Root Certificate and all other certificates using VMCA Continue operation : Option[Y/N] ? : y Get site nameCompleted [Replacing Machine SSL Cert...] default-site Lookup all services Get service default-site:328c065f-ca89-4f5f-913c-57607794af05 Update service default-site:328c065f-ca89-4f5f-913c-57607794af05; spec: /tmp/svcspec_1hyoh8iw Get service default-site:f6c8582e-97f2-436a-a4fe-61cfb13a8b86 Update service default-site:f6c8582e-97f2-436a-a4fe-61cfb13a8b86; spec: /tmp/svcspec_lml_2fg_ Get service default-site:1f032afd-4e86-4c0a-8e1b-41b69da284d5 Update service default-site:1f032afd-4e86-4c0a-8e1b-41b69da284d5; spec: /tmp/svcspec_iwel07yz Get service 46b675c5-45f1-4715-a6c4-9009b37bc1d5 Update service 46b675c5-45f1-4715-a6c4-9009b37bc1d5; spec: /tmp/svcspec_lqoc06zv Get service 681b5bac-6033-4b5c-9108-4a187733689c Update service 681b5bac-6033-4b5c-9108-4a187733689c; spec: /tmp/svcspec_22oo2kdw Get service 78aabad1-5c6e-4645-8be7-bd593d7e7bbd Update service 78aabad1-5c6e-4645-8be7-bd593d7e7bbd; spec: /tmp/svcspec_a3ny3leq Get service dc998f75-d407-4858-8481-da09d36e8943 Update service dc998f75-d407-4858-8481-da09d36e8943; spec: /tmp/svcspec_nqq85y50 Get service 46b675c5-45f1-4715-a6c4-9009b37bc1d5_vcbimage Don't update service 46b675c5-45f1-4715-a6c4-9009b37bc1d5_vcbimage Get service f32b2607-dc30-45af-aef1-0a5db79faf76 Update service f32b2607-dc30-45af-aef1-0a5db79faf76; spec: /tmp/svcspec_45j4hxam Get service 33a8d00c-a946-4fb8-ab73-f7fcbf3bf44d Update service 33a8d00c-a946-4fb8-ab73-f7fcbf3bf44d; spec: /tmp/svcspec_j_qntnk7 Get service 12000031-2725-45b7-bccb-21de408e4153 Update service 12000031-2725-45b7-bccb-21de408e4153; spec: /tmp/svcspec__ztv2rio Get service 268b7255-9f6f-4f92-908e-e42373645a7f Update service 268b7255-9f6f-4f92-908e-e42373645a7f; spec: /tmp/svcspec_m5p1g0hy Get service 17def46c-aa15-4db0-a57b-913bfbbce732_kv Update service 17def46c-aa15-4db0-a57b-913bfbbce732_kv; spec: /tmp/svcspec_zm9i9ps4 Get service 46b675c5-45f1-4715-a6c4-9009b37bc1d5_com.vmware.vdp2.config Don't update service 46b675c5-45f1-4715-a6c4-9009b37bc1d5_com.vmware.vdp2.config Get service 9fe72b61-2d80-4cfa-b072-f782e545e98f Update service 9fe72b61-2d80-4cfa-b072-f782e545e98f; spec: /tmp/svcspec_xamxixnp Get service 76d2475a-2c3a-448b-bc4e-fc02c3ce31ca Update service 76d2475a-2c3a-448b-bc4e-fc02c3ce31ca; spec: /tmp/svcspec_9llg0ntv Get service 17def46c-aa15-4db0-a57b-913bfbbce732 Update service 17def46c-aa15-4db0-a57b-913bfbbce732; spec: /tmp/svcspec_v7fve2h3 Get service 72ea6c45-4b99-4b01-a42f-3a7164228740 Update service 72ea6c45-4b99-4b01-a42f-3a7164228740; spec: /tmp/svcspec_psxn_gu2 Get service 46b675c5-45f1-4715-a6c4-9009b37bc1d5_com.vmware.vsphere.client Don't update service 46b675c5-45f1-4715-a6c4-9009b37bc1d5_com.vmware.vsphere.client Get service 375f8864-b555-4db6-9f24-948a3df6eb16 Update service 375f8864-b555-4db6-9f24-948a3df6eb16; spec: /tmp/svcspec_lpxej2ph Get service 5d7f5c31-3800-44a8-b700-e286ddb4fcf4 Update service 5d7f5c31-3800-44a8-b700-e286ddb4fcf4; spec: /tmp/svcspec_iqkiml4p Get service 000d8e2a-7445-4f18-9e13-5f5aa063cafa Update service 000d8e2a-7445-4f18-9e13-5f5aa063cafa; spec: /tmp/svcspec_iv3zzxrg Get service 5521f24b-727b-43e0-81d2-70e3162b64d2 Update service 5521f24b-727b-43e0-81d2-70e3162b64d2; spec: /tmp/svcspec_6llzqbyv Get service e1f4f678-899e-4a23-a0c5-1258291296e2 Update service e1f4f678-899e-4a23-a0c5-1258291296e2; spec: /tmp/svcspec_6ehtova5 Get service 12759817-eecb-4367-ae66-b78115e818d4 Update service 12759817-eecb-4367-ae66-b78115e818d4; spec: /tmp/svcspec_plep63ps Get service d0ba0cef-a07f-4d95-a29c-f74a2b8f954a Update service d0ba0cef-a07f-4d95-a29c-f74a2b8f954a; spec: /tmp/svcspec_gtei9wr5 Get service 46b675c5-45f1-4715-a6c4-9009b37bc1d5_com.vmware.vdp2 Don't update service 46b675c5-45f1-4715-a6c4-9009b37bc1d5_com.vmware.vdp2 Get service e501eedf-5283-42fa-a3da-0761220f0a19 Update service e501eedf-5283-42fa-a3da-0761220f0a19; spec: /tmp/svcspec_dtpv1qvv Get service bc192415-09a4-4e51-824b-c4f7750b0166 Update service bc192415-09a4-4e51-824b-c4f7750b0166; spec: /tmp/svcspec_e259pzwv Get service b6344006-4daf-4bd0-b325-57acdd16f98f Update service b6344006-4daf-4bd0-b325-57acdd16f98f; spec: /tmp/svcspec_pc9vgucq Get service 130bbe03-4ad4-4689-bdb2-b6c5956ffbdd Update service 130bbe03-4ad4-4689-bdb2-b6c5956ffbdd; spec: /tmp/svcspec_hoiiwtnc Get service 4c0472eb-9757-4654-88be-2347732df653 Update service 4c0472eb-9757-4654-88be-2347732df653; spec: /tmp/svcspec_gckxiotd Get service c6b69e9d-8d94-4ab6-a3cc-7a6e3002b5d8 Update service c6b69e9d-8d94-4ab6-a3cc-7a6e3002b5d8; spec: /tmp/svcspec_r8hkubo6 Get service f35f1a6f-b3c3-4bf1-a744-3262e55160d8 Update service f35f1a6f-b3c3-4bf1-a744-3262e55160d8; spec: /tmp/svcspec_bh6w418g Get service 88eb6d09-2876-4c71-92c3-1e815dba8307 Update service 88eb6d09-2876-4c71-92c3-1e815dba8307; spec: /tmp/svcspec_cvl3ndxo Get service 1e035e61-3bc9-4782-a92e-4fddfa9f7672 Update service 1e035e61-3bc9-4782-a92e-4fddfa9f7672; spec: /tmp/svcspec_5par2xfc Get service 46b675c5-45f1-4715-a6c4-9009b37bc1d5_com.emc.avamar.vmware.vcs.SnapshotManagerDelete Don't update service 46b675c5-45f1-4715-a6c4-9009b37bc1d5_com.emc.avamar.vmware.vcs.SnapshotManagerDelete Get service 4e9e2663-5d77-47f6-ba8a-29b57f2144ed Update service 4e9e2663-5d77-47f6-ba8a-29b57f2144ed; spec: /tmp/svcspec_909hk04r Get service 17def46c-aa15-4db0-a57b-913bfbbce732_authz Update service 17def46c-aa15-4db0-a57b-913bfbbce732_authz; spec: /tmp/svcspec_k9_j6ox4 Updated 34 service(s)Status : 60% Completed [Replace vpxd-extension Cert...] 2023-04-04T02:06:40.598Z Updating certificate for "com.vmware.vim.eam" extension2023-04-04T02:06:40.846Z Updating certificate for "com.vmware.rbd" extension2023-04-04T02:06:41.097Z Updating certificate for "com.vmware.imagebuilder" extension Status : 85% Completed [starting services...] 这里要等一会 Status : 100% Completed [All tasks completed successfully]
到100%了就可以正常打开管理页面了.
5. 收尾部分
前年如果修改过Administrator@vsphere.local密码的话,这里需要把那段不好记忆的密码修改一下
修改完确认即可
打赏
支付宝微信扫一扫,打赏作者吧~
本文链接:https://www.kinber.cn/post/4111.html 转载需授权!
推荐本站淘宝优惠价购买喜欢的宝贝: