Solution<\/h2>\n\n\n\n
At the time of troubleshooting and the writing of this article there is no patch provided by VMware so the following steps should be implemented to fix the issue.<\/p>\n\n\n\n
Obtain Bearer token<\/strong><\/p>\n\n\n\n Access vRA – cloud Assembly then go to Infrastructure > Connections > Cloud Account page. Here open the browser’s Developer Tools<\/em> then select Network<\/em>. If it is required then click to Refresh<\/em> and find access<\/em> then Authorization<\/em> on the right. If possible use Raw<\/em> option because for example the Firefox can use different character set that can cause authentication issues later on.<\/p>\n\n\n\n <\/p>\n<\/div><\/div>\n\n\n\n Obtain vCenter Cloud Account ID<\/strong><\/p>\n\n\n\n The easiest way to get this ID is from the UI by opening the respective vCenter within the Cloud Accounts page:<\/p>\n\n\n\n <\/p>\n\n\n\n The alternative way is using Postman. The Postman will be required later on so I recommend you to use this method instead the previous one. For this start the Postman and set as follows:<\/p>\n\n\n\n Then select GET option and enter https:\/\/vRA-FQDN\/iaas\/api\/cloud-accounts\/<\/em> where the vRA-FQDN is your vRA solution’s VIP or Node IP address. If everything goes well you get “Status: 200 OK” and the details of the configured Cloud Account. If you navigate to the vCenter that is afeected you will find the cloudAccountId<\/em>. This and the previous one should be the same:<\/p>\n\n\n\n <\/p>\n<\/div><\/div>\n\n\n\n Capture the vCenter’s certificate in PEM format<\/strong><\/p>\n\n\n\n To do this login to the vRA Node with root account and issue the following command, just replace the vCenter_FQDN:<\/p>\n\n\n\n Save the full output, including the “—–BEGIN CERTIFICATE—–” and “—–END CERTIFICATE—–” part as well.<\/p>\n<\/div><\/div>\n\n\n\n Using Postman to fix the issue<\/strong><\/p>\n\n\n\n Verify that you have all the necessary information:<\/p>\n\n\n\n Now it is time to create the body for the PATCH call. To do this do not use Notepad but Notepad++, PSPad or Visual Studio Code:<\/p>\n\n\n\n Open the Postman and enter https:\/\/vRA-FQDN\/provisioning\/uerp\/resources\/endpoints\/Cloud Account ID<\/em> to the URL field but change the vRA-FQDN<\/em> and Cloud Account ID<\/em> and also verify\/change the Bearer Token. Furthermore verify on the Headers page that the “api_version” key’s value is 2021-01-15<\/em> and the “Content-Type” is set to application\/json<\/em>. If any of these values are different fix or add them before continue:<\/p>\n\n\n\n <\/p>\n\n\n\n![\"\"](\"https:\/\/v-tailor.hu\/en\/wp-content\/uploads\/sites\/2\/2024\/01\/failedtovalidate-1.jpg\")
<\/a><\/figure>\n\n\n\n<\/a><\/figure>\n\n\n\n\n
<\/a><\/figure>\n\n\n\nopenssl s_client -connect vCenter_FQDN:443 2> \/dev\/null | openssl x509 | awk 'NF {sub(\/\\r\/, \"\"); printf \"%s\\\\n\",$0;}'<\/code><\/pre>\n\n\n\n\n
{\n \"customProperties\" : {\n \"certificate\": \"PEM certificate\"\n },\n \"endpointProperties\": {\n \"hostName\": \"vCenter IP or FQDN\",\n \"certificate\": \"PEM certificate\"\n }\n}<\/code><\/pre>\n\n\n\n<\/a><\/figure>\n\n\n\n