Vadim's KB

VMware vCenter 6.x, добавление хоста, ошибка "Signed certificate could not be retrieved due to a start time error"

9. апреля 2017 koba (0)

When you replace the VMware Certificate Authority root certificate with an enterprise subordinate certificate, you experience these symptoms:

  • The certificate has been valid for less than 24 hours
  • You are unable to join a VMware vSphere ESXi host to VMware vCenter Server
  • You see the error:

    A general system error occurred: Unable to get signed certificate for host: esxi_hostname. Error: Start Time Error (70034)
This behavior is changed in VMware vCenter 6.0 Update 2 and later with the advanced setting vpxd.certmgmt.certs.minutesBefore, available at VMware Downloads. For more information, see the VMware vCenter Server 6.0 Update 2 release notes.
 
To change the vpxd.certmgmt.certs.minutesBefore to 10:
  1. Connect to the vCenter Server using the vSphere Client and administrator credentials.
  2. Select Administration > vCenter Server Settings to display the vCenter Server Settings dialog box.
  3. In the settings list, select Advanced Settings.
  4. In the Key field, type a key.
  5. In the Key field, enter this key:
    vpxd.certmgmt.certs.minutesBefore
  6. In the Value field, enter:
    10
  7. Click Add.
  8. Click OK.

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2123386