Through the years I had to troubleshoot various instances where vCenter Servers had issues with services not starting properly due to expired Certificates.
In this article I have gathered a few support articles which help to resolve issues caused by expired vCenter Server Certificates like:
- Warnings in the vCenter interface showing certificates are expiring soon
- 503 service not available…endpoint
- no healthy upstream
- [500] An error occurred while fetching identity providers
The articles are for the following versions:
- vCenter Server 6.x
- vCenter Server 7.0.x
- vCenter Server 8.0.x
- First determine which Certificates have expired
- Depending the expired certificate(s) found on Step 1 follow the resolution suggested in the following article:
- STS Certificate renewal
- Custom Certificates
- VMware Certificate Manager
- Microsoft Certificate Authority
- File transfer using WinSCP
- Connecting to vCenter Server Virtual Appliance using WinSCP
- Using WinSCP with the VMware vCenter Server Appliance (Alternative without messing with vCenter)
For Certificate alarms that have to do with the “BACKUP_STORES“:
Certificate alarm – Clearing BACKUP_STORES certificates in the VCSA
As always, before attempting any solutions make sure you have a Backup or a recent Snapshot of your vCenter Server VM.
If you’ve found my post helpful, I’d love it if you bought me a coffee! ☕😊
