Comment thread started by Evgeniy on SDDC Certificate Tool

Full comments
Aug 27, 2019

Hi,
thank you for your tool.
I'm unable to get it worked with Let's Encrypt certificate on vCenter 6.5 with embedded PSC, cert files were converted from .pem to .cer using openssl.

java -version
openjdk version "1.8.0_222"
OpenJDK Runtime Environment (build 1.8.0_222-b10)
OpenJDK 64-Bit Server VM (build 25.222-b10, mixed mode)

cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)

I run into with the following error:
java -jar lib/certreplace-1.0.0.jar -c config/embedded-psc-vcenter.json -replacecert
2019-08-27 06:33:02,060 INFO [main] (CertMgmtApp.java:185) - Loading configuration file...
2019-08-27 06:33:03,005 INFO [main] (CertMgmtApp.java:226) - Host host.test.com presented ssl certificate XX:XX:XX:XX:XX:XX:XX:X:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
Proceed with these certificates : Option[Y/N] ? : Y
2019-08-27 06:33:04,944 INFO [main] (CertMgmtApp.java:245) - User accepted ssl certificates presented by all hosts, continue.
2019-08-27 06:33:04,948 INFO [main] (CertReplaceConfigValidator.java:44) - Validating configuration file for certificate replacement...
2019-08-27 06:33:04,953 INFO [main] (CertReplaceConfigValidator.java:67) - Validating configuration of host vcsa01-lax.manage42.com...
2019-08-27 06:33:04,971 INFO [main] (CertReplaceConfigValidator.java:71) - Validating certificate files...
2019-08-27 06:33:05,393 ERROR [main] (CertMgmtApp.java:260) - Error occrued while validating configuration file.
java.lang.IllegalArgumentException: The validated array is empty
at org.apache.commons.lang3.Validate.notEmpty(Validate.java:254) ~[commons-lang3-3.5.jar:3.5]
at org.apache.commons.lang3.Validate.notEmpty(Validate.java:276) ~[commons-lang3-3.5.jar:3.5]
at com.vmware.certreplacement.toolbox.certificate.utils.CertificateUtils.orderCertificates(CertificateUtils.java:252) ~[certreplace-1.0.0.jar:?]
at com.vmware.certreplacement.config.model.ConfigUtils.loadCertificates(ConfigUtils.java:31) ~[certreplace-1.0.0.jar:?]
at com.vmware.certreplacement.config.validator.ConfigValidateUtils.isCertificateInfoValid(ConfigValidateUtils.java:281) ~[certreplace-1.0.0.jar:?]
at com.vmware.certreplacement.config.validator.AbstractProductConfigValidator.isCertificateValid(AbstractProductConfigValidator.java:169) ~[certreplace-1.0.0.jar:?]
at com.vmware.certreplacement.config.validator.CertReplaceConfigValidator.runValidators(CertReplaceConfigValidator.java:72) ~[certreplace-1.0.0.jar:?]
at com.vmware.certreplacement.config.validator.CertReplaceConfigValidator.isValid(CertReplaceConfigValidator.java:48) ~[certreplace-1.0.0.jar:?]
at com.vmware.certreplacement.main.CertMgmtApp.replaceCert(CertMgmtApp.java:255) [certreplace-1.0.0.jar:?]
at com.vmware.certreplacement.main.CertMgmtApp.main(CertMgmtApp.java:82) [certreplace-1.0.0.jar:?]

Do you have any idea how to fix it?