In a previous post I talked about deploying custom SSL certs into a vCenter 5.5 environment. As I was working through the update steps, the Certificate Automation Tool kept bombing out when updating the Inventory Service certificate. Neither the client nor I really knew why this was happening, but I had a bit of a hunch that it something to do with SSO credentials. It turned out to be a lucky guess, as I reset the password a few times and the SSL cert tool started working.
If you find yourself in this situation, there’s a tool provided with vCenter to reset the SSO password. Here’s a link to the KB article.
c:\Program Files\VMware\Infrastructure\VMware\CIS\vmdird>vdcadmintool.exe
It’s a fairly straightforward process, but you need to be mindful to use a generated password that meets VMware’s requirements for SSO passwords and special characters. By that I mean that some special characters aren’t allowed, even though they’re in passwords generated by the tool. You can get details on that here. In short, these special characters are not supported in SSO passwords:
- Non-ASCII characters
- Ampersand (&)
- Semicolon ( ; )
- Double quotation mark ( ” )
- Single quotation mark ( ‘ )
- Circumflex ( ^ )
- Backslash ( \ )
- Percentage (%)
At times I wasn’t convinced that this list is comprehensive either.