错误提示:
503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http20NamedPipeServiceSpecE:0x00007fecb000b770] _serverNamespace = / action = Allow _pipeName =/var/run/vmware/vpxd-webserver-pipe)
进入ssh界面
检查chip空间十分正常:

root@record [ ~ ]# df -h
Filesystem                                Size  Used Avail Use% Mounted on
devtmpfs                                  7.9G     0  7.9G   0% /dev
tmpfs                                     7.9G   12K  7.9G   1% /dev/shm
tmpfs                                     7.9G  700K  7.9G   1% /run
tmpfs                                     7.9G     0  7.9G   0% /sys/fs/cgroup
/dev/sda3                                  11G  5.5G  4.7G  55% /
tmpfs                                     7.9G   18M  7.9G   1% /tmp
/dev/mapper/netdump_vg-netdump            985M  1.3M  932M   1% /storage/netdump
/dev/mapper/log_vg-log                    9.8G  3.1G  6.2G  34% /storage/log
/dev/mapper/imagebuilder_vg-imagebuilder  9.8G   23M  9.2G   1% /storage/imagebuilder
/dev/mapper/db_vg-db                      9.8G  242M  9.0G   3% /storage/db
/dev/mapper/core_vg-core                   50G   52M   47G   1% /storage/core
/dev/mapper/autodeploy_vg-autodeploy      9.8G   23M  9.2G   1% /storage/autodeploy
/dev/mapper/updatemgr_vg-updatemgr         99G   98M   94G   1% /storage/updatemgr
/dev/mapper/dblog_vg-dblog                 15G  230M   14G   2% /storage/dblog
/dev/mapper/seat_vg-seat                   25G  1.3G   22G   6% /storage/seat
/dev/sda1                                 120M   28M   87M  25% /boot

检查证书是否过期:

root@record [ /tmp1 ]# python checksts.py2 VALID CERTS
================LEAF CERTS:[] Certificate 77:B0:98:2C:F6:A5:76:78:79:97:47:74:05:BE:82:9C:1A:CA:52:95 will expire in 730 days (2.0 years).ROOT CERTS:[] Certificate 0A:95:66:2A:38:52:F2:24:17:D9:BC:66:0C:E8:5C:C2:31:80:54:05 will expire in 2915 days (7.0 years).0 EXPIRED CERTS
================LEAF CERTS:NoneROOT CERTS:None
root@record [ /tmp1 ]# for i in $(/usr/lib/vmware-vmafd/bin/vecs-cli store list); do echo STORE $i; /usr/lib/vmware-vmafd/bin/vecs-cli entry list --store $i --text | egrep "Alias|Not After"; done
STORE MACHINE_SSL_CERT
Alias : __MACHINE_CERTNot After : Aug 27 21:14:59 2021 GMT
STORE TRUSTED_ROOTS
Alias : 0a95662a3852f22417d9bc660ce85cc231805405Not After : Aug 22 09:14:26 2029 GMT
STORE TRUSTED_ROOT_CRLS
Alias : 615ffd35bd0c86bd4e1a482b975fca208fc422d6
STORE machine
Alias : machineNot After : Aug 27 09:05:53 2021 GMT
STORE vsphere-webclient
Alias : vsphere-webclientNot After : Aug 27 09:05:58 2021 GMT
STORE vpxd
Alias : vpxdNot After : Aug 27 09:06:05 2021 GMT
STORE vpxd-extension
Alias : vpxd-extensionNot After : Aug 27 09:06:06 2021 GMT
STORE SMS
Alias : sms_self_signedNot After : Aug 28 09:20:48 2029 GMT
STORE BACKUP_STORE
Alias : bkp___MACHINE_CERTNot After : Aug 27 21:14:59 2021 GMT
Alias : bkp_machineNot After : Aug 27 09:05:53 2021 GMT
Alias : bkp_vsphere-webclientNot After : Aug 27 09:05:58 2021 GMT
Alias : bkp_vpxdNot After : Aug 27 09:06:05 2021 GMT
Alias : bkp_vpxd-extensionNot After : Aug 27 09:06:06 2021 GMT

发现证书过期:
查询服务名称信息

root@record [ /tmp1 ]# /usr/lib/vmware-vmafd/bin/vmafd-cli get-pnid --server-name localhost
192.16.86.240

更新证书

root@record [ /tmp1 ]# /usr/lib/vmware-vmca/bin/certificate-manager_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |                                                                     ||      *** Welcome to the vSphere 6.5 Certificate Manager  ***        ||                                                                     ||                   -- Select Operation --                            ||                                                                     ||      1. Replace Machine SSL certificate with Custom Certificate     ||                                                                     ||      2. Replace VMCA Root certificate with Custom Signing           ||         Certificate and replace all Certificates                    ||                                                                     ||      3. Replace Machine SSL certificate with VMCA Certificate       ||                                                                     ||      4. Regenerate a new VMCA Root Certificate and                  ||         replace all certificates                                    ||                                                                     ||      5. Replace Solution user certificates with                     ||         Custom Certificate                                          ||                                                                     ||      6. Replace Solution user certificates with VMCA certificates   ||                                                                     ||      7. Revert last performed operation by re-publishing old        ||         certificates                                                ||                                                                     ||      8. Reset all Certificates                                      ||_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|
Note : Use Ctrl-D to exit.
Option[1 to 8]: 8
Do you wish to generate all certificates using configuration file : Option[Y/N] ? : Y
Please provide valid SSO and VC priviledged user credential to perform certificate operations.
Enter username [Administrator@vsphere.local]:Administrator@vsphere.local
Enter password:
Please configure certool.cfg with proper values before proceeding to next step.
Press Enter key to skip optional parameters or use Default value.
Enter proper value for 'Country' [Default value : US] :
Enter proper value for 'Name' [Default value : CA] :
Enter proper value for 'Organization' [Default value : VMware] :
Enter proper value for 'OrgUnit' [Default value : VMware Engineering] :
Enter proper value for 'State' [Default value : California] :
Enter proper value for 'Locality' [Default value : Palo Alto] :
Enter proper value for 'IPAddress' (Provide comma separated values for multiple IP addresses) [optional] : 192.16.86.240
Enter proper value for 'Email' [Default value : email@acme.com] :
Enter proper value for 'Hostname' (Provide comma separated values for multiple Hostname entries) [Enter valid Fully Qualified Domain Name(FQDN), For Example : example.domain.com] : 192.16.86.240
Enter proper value for VMCA 'Name' :192.16.86.240
Continue operation : Option[Y/N] ? : y
You are going to reset by regenerating Root Certificate and replace all certificates using VMCA
Continue operation : Option[Y/N] ? : y
Get site nameCompleted [Reset Machine SSL Cert...]
Reset status : 100% Completed [Reset completed successfully]
root@record [ /tmp1 ]# reboot -f

root@record [ /tmp1 ]# ./fixsts.sh
NOTE: This works on external and embedded PSCs
This script will do the following
1: Regenerate STS certificate
What is needed?
1: Offline snapshots of VCs/PSCs
2: SSO Admin Password
IMPORTANT: This script should only be run on a single PSC per SSO domain
==================================
Resetting STS certificate for record started on Sat Sep  4 14:55:30 CST 2021Detected DN: cn=192.16.86.240,ou=Domain Controllers,dc=vsphere,dc=local
Detected PNID: 192.16.86.240
Detected PSC: 192.16.86.240
Detected SSO domain name: vsphere.local
Detected Machine ID: 1cd37eb5-541c-40ac-9d6f-f49c41f35515
Detected IP Address: 192.16.86.240
Domain CN: dc=vsphere,dc=local
==================================
==================================Detected Root's certificate expiration date: 2029 Aug 29
Detected today's date: 2021 Sep 4
==================================Exporting and generating STS certificateStatus : Success
Using config file : /tmp/vmware-fixsts/certool.cfg
Status : SuccessEnter password for administrator@vsphere.local:
Amount of tenant credentials: 1
Exporting tenant 1 to /tmp/vmware-fixstsDeleting tenant 1Amount of trustedcertchains: 1
Exporting trustedcertchain 1 to /tmp/vmware-fixstsDeleting trustedcertchain 1Applying newly generated STS certificate to SSO domain
adding new entry "cn=TenantCredential-1,cn=vsphere.local,cn=Tenants,cn=IdentityManager,cn=Services,dc=vsphere,dc=local"adding new entry "cn=TrustedCertChain-1,cn=TrustedCertificateChains,cn=vsphere.local,cn=Tenants,cn=IdentityManager,cn=Services,dc=vsphere,dc=local"Replacement finished - Please restart services on all vCenters and PSCs in your SSO domain
==================================
IMPORTANT: In case you're using HLM (Hybrid Linked Mode) without a gateway, you would need to re-sync the certs from Cloud to On-Prem after following this procedure
==================================
==================================
root@record [ /tmp1 ]# reboot -f

VC密码正确无法登陆。证书过期。处理。相关推荐

  1. sql yog 出现 access denied for user root@localhost 但是密码正确

    在打开sqlyog得时候出现了 密码正确但是登陆不上得问题 - 首先我们先按 win+R 输入命令 "services.msc" 打开服务 然后找到你得 mysql57得服务 并鼠 ...

  2. 检查vCenter Server上STS证书的过期日期(79248)(STS证书过期,导致 vCenter 报503无法登陆VC)

    检查vCenter Server上STS证书的过期日期(79248) 上次更新时间:2020/6/11分类:如何 1个语言:                 简体中文)日本西班牙文英语         ...

  3. 模拟一个“系统登陆“窗体,进行用户名和密码的验证: 1.当用户名和密码都正确时,弹出一个对话框,提示“用户名和密码正确”, 2.用户名错误,弹出一个对话框,提示“用户名错误,请重新输入!”

    模拟一个"系统登陆"窗体,进行用户名和密码的验证: 1.当用户名和密码都正确时,弹出一个对话框,提示"用户名和密码正确", 2.用户名错误,弹出一个对话框,提示 ...

  4. 登陆淘宝账号,提示证书过期

    近日 ,遇到一客户,10年前的老本,方屏.登陆淘宝网,点"登陆"时,提示证书过期.有"关闭此耍页面""继续浏览"两个选项,点"继续 ...

  5. 模拟QQ登陆,输入账号与密码,如果账号与密码正确则显示登录成功, 如果失败则重新登录,并显示登录错误几次,如果登录错误三次则程序结束登录失败。

    模拟QQ登陆,输入账号与密码,如果账号与密码正确则显示登录成功,如果失败则重新登录,并显示登录错误几次,如果登录错误三次则程序结束登录失败. public class Test3 { public s ...

  6. 设计登陆窗口界面,当输入账号密码正确时,界面如图一所示,当输入账号密码有误时,界面如图二所示。 import java.awt.*; import java.awt.event.*; import

    //设计登陆窗口界面,当输入账号密码正确时,界面如图一所示,当输入账号密码有误时,界面如图二所示. import java.awt.*; import java.awt.event.*; import ...

  7. mysql密码输入正确但是登陆不进去

    mysql密码输入正确但是登陆不进去 ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password YES ...

  8. C语言:编写代码实现,模拟用户登入情景,并且只能登入三次。(只允许输入三次,如果密码正确则提示登陆成功,如果三次均输入错误,则退出程序)

    #define _CRT_SECURE_NO_WARNINGS 1 #include<stdio.h> #include<string.h> int main() {      ...

  9. mysql无法本地登陆_MySQL密码正确却无法本地登录的解决方法

    MySQL root密码正确,却怎么也无法从本地登录MySQL,提示 复制代码 代码如下: ERROR 1045 (28000): Access denied for user 'root'@'loc ...

  10. EMC VNX证书过期解决方案

    想登录一台vnx5400存储的管理口,win10系统登录不上,有java问题,我就装了一台xp虚拟机,安装java1.7 32位版本,还是不行,提示证书不行,没在意,以为是java的问题,装java1 ...

最新文章

  1. 2021CCF颁奖典礼首次多平台网络直播,致敬获得者!CCF杰出工程师
  2. 三星S7 android操作系统耗电,2K屏手机玩游戏耗电大、性能渣?三星S7:呵呵
  3. [031] 实战:书大师网站开发准备
  4. 设置SQLServer数据库内存
  5. 基于JAVA+SpringBoot+Mybatis+MYSQL的进销存管理系统
  6. 关于XIFF开发IM的一些想法
  7. 查看登陆系统用户的信息的三种方法详解
  8. 02(d)多元无约束优化问题-拟牛顿法
  9. Hadoop1.2.0开发笔记(九)
  10. 关于GetTickCount函数的用法
  11. 史上最详细的Hadoop环境搭建
  12. 【“免费”Windows优秀软件推荐】:Fences——自动整理桌面图标
  13. Android NDK开发基础
  14. Win10 环境变量配置
  15. winscp连接linux时提示连接失败OOPS:cannot change directory:/home/....什么的原因以及解决方案
  16. 关于base64编码解码(Android编码,JS解码,案例为解决安卓端H5页面的emoji表情显示问题)
  17. openjudge7939_膨胀的木棍
  18. 小米云服务器怎么管理员密码,小米路由器管理密码怎么设置 小米路由器管理密码设置介绍【图文】...
  19. 微信小程序 Basic Auth 前后端restful api进行身份验证
  20. MMM配置文件及相关命令

热门文章

  1. grandMA2 onPC 3.1.2.5的DMX参数摸索
  2. 项目实战第二十一讲:平台商品库
  3. 计算机的超级登录用户名和密码,登录到windows用户名和密码
  4. KDD 2022论文合集(持续更新中)
  5. dspic c语言教程,轻松学PIC之数码管篇 PIC单片机学习系列教程
  6. 十分钟搞清字符集和字符编码
  7. CG佬的20年:行走于行业的过去与未来
  8. 单交换机的vlan划分
  9. C# 使用SHFileOperation 复制文件 注意引用方式
  10. 查看tomcat端口号