vCenter certificate validation error during 6.7 to 7.0 upgrade

While I was trying to upgrade the vCenter to 7 Update 3, ended up with an error saying

“The machine SSL certificate in the VMware Endpoint Certificate Store (VECS) does not correspond with the service registration in the VMware Directory Service (vmdir)”

The remediation steps are pretty straightforward as per their KB 2121701

In order to ease and speed up the process, you can simply follow the below steps.

  • Take a snapshot or a full backup of the source vCenter
  • Download the automated script from the VMware community
  • Copy the file to # /usr/lib/vmidentity/tools/scripts (you may use a utility like WinSCP)
  • Run the below commands

python ls_ssltrust_fixer_p3.py -f scan

python ls_ssltrust_fixer_p3.py -f fix

Author: Chathura Ariyadasa

♚Father ♚Husband ♚Innovative Technical Architect ♚ Cyber Security Strategist ♞ vCISO | vCIO ♞ Blogger & an Adrenaline junkie...