VMware: Error 26002/26006 - Upgrading vCenter from 5.0 to 5.5 w/ CA signed certs

There are troves of these articles online about this so I'll try to keep this concise.

Steps for moving from one VM (assuming Windows and SSO/PSC already in place) to another:

  1. Shut down and disable services on original VM.
  2. Rename original VM.
  3. Rename new VM to original VM's name.
  4. Create the following directories on new VM:
    1. C:\ProgramData\VMware\Infrastructure\Inventory Service\SSL
      • ProgramData is typically always on C: drive, so this is a must.
    2. C:\ProgramData\VMware\VMware VirtualCenter\SSL
      • ProgramData is typically always on C: drive, so this is a must.
    3. C:\Program Files\VMware\Infrastructure\Inventory Service\SSL
      • C: drive can be replaced w/ drive that you plan to install inventory services.
  5. Copy your signed certs from your old VM to this new one in the above directories.
    1. rui.pfx
    2. rui.crt
    3. rui.key
      1. In the case of the VirtualCenter SSL directory, you'll probably also need the following, I think they are used for the custom spec passwords:
        • sms.truststore
        • sms.keystore
  6. End Result before installations begin, should look like this:
  7. Once you do this and backup the SQL server database, you should be ready to move forward.

Essentially, getting the error above was because I did not follow VMware's instructions on updating my signed cert.  If I did things properly, meaning updating both the Inventory Service and vCenter Service w/ the same signed cert, I would not have gotten the above error.

Meaning I generated a signed cert from my internal CA and only applied it to the vCenter service.  The Inventory Service was still using a self-signed cert, which when an upgrade is attempted causes it to blurt out the above error.

1 comment:

Anonymous said...

Great tutorial, problem solveed, thank you very much