Hello,
1st time poster, please be kind :). I'm obviously not an expert, thats why I'm here..
Issue
- I cannot log into the vSphere desktop application. Error 503 server unavailable
- I dont know how to troubleshoot this fully
Background
- vCenter 6.0 appliance with external PSC
- ESX 6 hosts
- vSphere 6.0
"vCenter Server A" and "PSC Server A" linked to "vCenter Server B" and "PSC Server B" in a different country/datacenter.
Troubleshooting
- It is not a disk space issue (dh -f command shows no issues anywhere)
"vCenter Server A"
- vmware-vpxd will not start
- Tries to initialize for 10-20 minutes then times out
- Happens on boot, and if service-control --start vmware-vpxd
During "service-control --start vmware-vpxd", very shortly after in vpxd.log the 1st error shown is:
2023-08-09T13:10:53.674-06:00 error vpxd[7F7A2C969700] [Originator@6876 sub=HttpConnectionPool-000001] [ConnectComplete] Connect failed to <cs p:00007f7a30ff9210, TCP:vc
enter-A-psc.mydomain.local:443>; cnx: (null), error: N7Vmacore3Ssl18SSLVerifyExceptionE(SSL Exception: Verification parameters:
2023-08-09T13:10:53.674-06:00 error vpxd[7F7A2F7FE7A0] [Originator@6876 sub=HostGateway] [CisConnection]: Error getting trusted STS certificates: SSL Exception: Verification
parameters:
From there I found this KB:
vCenter Server or Platform Services Controller certificate validation error messages for external so...
- The certificates "seem" ok. Maybe I dont understand
- lstool.py has a cert for PSC A, this matches the OpenSSL cert
- lstool.py also reports a cert for PSC B (different than the cert for PSC A - that is correct I assume)
- Similarly, lstool.py shows matching certs with OpenSSL command for "VCENTER A"
- Similarly, lstool.py shows matching certs with OpenSSL command for "VCENTER B"
- Certs for VCENTER A does not match VCENTER B - that is also correct I assume
- VCENTER A & B get their cert from the PSC
Your thoughts, am I chasing the wrong thing?
Next steps?