BugZero | VMware BugID 2058332 - Rebooting vCenter Server Appliance 5.1 takes a lon...

VMware - Defect ID: 2058332

Rebooting vCenter Server Appliance 5.1 takes a long time when regenerating SSL certificates

VMware - Defect ID: 2058332

Rebooting vCenter Server Appliance 5.1 takes a long time when regenerating SSL certificates

Last updated on 6/18/2014

Overall: 0N/A

Severity: 0N/A

Community: 0N/A

Lifecycle: 0N/A

What is the BugZero Risk Score?

Vendor details

No defect details.

Overall: 0N/A

Severity: 0N/A

Community: 0N/A

Lifecycle: 0N/A

What is the BugZero Risk Score?

Vendor details

No defect details.

Symptoms

Rebooting the vCenter Server Appliance (VCSA) 5.1 when performing SSL certificate regeneration takes 20 minutes or more. The VCSA takes 20 minutes or more to reboot. This issue occurs in VCSA versions 5.1 Update 1a and Update 1b. The vpxd_cfg.log file (located at /var/log/vmware/vpx/ ) contains entries similar to:YYYY-MM-DD 11:38:17 2371: [2368]BEGIN execution of: /usr/sbin/vpxd_servicecfg certificate change /tmp/tmp.O0Jdpx5esm/chain.pem /tmp/tmp.O0Jdpx5esm/rui.keyYYYY-MM-DD 11:59:16 2371: VC_CFG_RESULT=0Note: The time taken is indicated by certificate change task in the log. This issue occurs when the Toggle certificate setting is selected in the VCSA Web interface (at http://VCVA_hostname:5480, under the Admin tab).

Resolution

This is a known issue affecting vCenter Server Appliance 5.1 Update 1a and Update 1b. This issue is resolved in vCenter Server Appliance 5.5, available at VMware Downloads. For more information about this version, see the VMware vSphere 5.5 Release Notes. To work around this issue if you are unable to upgrade, modify the vpxdva_subsequentboot_net configuration file. To modify the vpxdva_subsequentboot_net configuration file: Connect to the vCenter Server Appliance via SSH. For more information, see Enable or Disable SSH Administrator Login on the VMware vCenter Server Appliance in the vCenter Server and Host Management Guide. Navigate to the /usr/sbin/ directory. Back up the vpxdva_subsequentboot_net file. Do not skip this step. Open the vpxdva_subsequentboot_net file using the vi editor. For more information, see Editing files on an ESX host using vi or nano (1020302). Add the line: /etc/init.d/haveged startFor example, change the default configuration file from: #!/bin/bash# this is executed on each boot, except the first,# after network has been brought up.COMMONUTILS=/usr/sbin/vpxd_commonutils. $COMMONUTILSregenerate_certificatesTo:#!/bin/bash# this is executed on each boot, except the first,# after network has been brought up.COMMONUTILS=/usr/sbin/vpxd_commonutils. $COMMONUTILSregenerate_certificates Save and close the vpxdva_subsequentboot_net configuration file. Reboot the vCenter Server Appliance.

Related Information

Editing files on an ESX host using vi or nanoTroubleshooting the vCenter Server Appliance with Single Sign-On login SSL 証明書の再生成時、vCenter Server Appliance 5.1 の再起動に時間がかかる

Original Vendor Announcement

No bugs this month

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

VMware - Defect ID: 2058332

Rebooting vCenter Server Appliance 5.1 takes a long time when regenerating SSL certificates

VMware - Defect ID: 2058332

Rebooting vCenter Server Appliance 5.1 takes a long time when regenerating SSL certificates

Last updated on 6/18/2014

Vendor details

Vendor details

Description

Symptoms

Resolution

Related Information

Links

Top VMware defects by risk score

Ready to prevent the next vendor outage?