public

vCenter error: Unable to get signed certificate forhost name rpc_s_no_memory

Unable to add ESXi hosts after repointing vCenter to another domain? Let's fix rpc_s_no_memory error!

4 months ago

Latest Post VMworld 2021 - 10 sessions from my watchlist by Alexey Koznov public

After repoint vCenter to another domain we're unable to connect ESXi hosts to this vCenter.

While adding host to target vCenter we've got an error:

A general system error occurred: Unable to get signed certificate forhost name 'xxESXxxxx.domain.local' ip '10.xx.xx.xx': Error: Failed to connect to the remote host, reason = rpc_s_no_memory (0x16c9a012). (382312466)

Before we've a solution we made a w/a: we temporarely switched Certificate Mode on the target vCenter (vpxd.certmgmt.mode) to thumbprint mode by "Change the Certificate Mode" article.

After that we've successfuly added host and switched back "vpxd.certmgmt.mode" from thumbprint to vmca.

After that we've tried to renew certiface on the previously added host, but we see the same error.

Before these attemps of adding ESXi host we've maintenance where we repoint vCenter from domain XXXvcloud.local to XXXvcloudm0177.local

Identity Sources - System Domain

WARNING: For making any changes in the DB of products you should contact support and create SR to get proper assistance! Use materials from this post at your own risk. We don’t take responsibility and/or give any warranty if you reuse this content.

But if we check rdb database using these commands (connect to vCenter via SSH -> Shell):

sqlite3 /var/lib/rbd/db
select * from config_pairs;

We see that in adcreds-domain there is old domain name :

adcreds-domain - Old domain name

Solution: we should update record adcreds-domain from XXXvcloud.local to XXXvcloudm0177.local in table config_pairs with this command:

update config_pairs set value='XXXvcloudm0177.local' where key='adcreds-domain';

After that you should restart vCenter services.

Alexey Koznov

Published 4 months ago

Comments?

Leave us your opinion.