Recently, I had to use the Asyncpatch tool in SDDC Manager to Patch our vcenter to 7.0U3o due to the Critical Security patch VMSA-2023-0023 and came across this issue when performing the precheck for Management Domain in SDDC Manager.
If you Expand “Sddc Security Configuration”, the error was on the option “VMware Cloud Foundation certificate validation check”
if you come across this issue, perform the following commands to enable the Certificate Validation Check in SDDC Manager
Review the Certificate Validation Setting
Command --
root@sddcmgr1# curl localhost/appliancemanager/securitySettings
Output --
{"fipsMode":false,"certificateValidationEnabled":false}
Enable the Certification Validation
Command --
root@sddcmgr1# curl 'http://localhost/appliancemanager/securitySettings' -X POST -H 'Content-Type: application/json' -H 'Accept: application/json' -d '{"fipsMode":false,"certificateValidationEnabled":true}'
Check the Certificate Validation Setting after Enabling the Certificate Validation
Command --
root@sddcmgr1# curl localhost/appliancemanager/securitySettings
Output --
{"fipsMode":false,"certificateValidationEnabled":true}
You can observe from the above Output that the certificate validation is enabled as true.
Now, you can go ahead and retry the precheck and it will go through.
The final precheck which is green is shown in the screenshot below