tag:blogger.com,1999:blog-6059874241017858476.post5464046054757951004..comments2023-11-01T18:25:49.063+01:00Comments on VMware Front Experience: Re-pointing vCenter Server 5.5: A Survival Guide to KB2033620Andreas Peetzhttp://www.blogger.com/profile/12918778845056237847noreply@blogger.comBlogger3125tag:blogger.com,1999:blog-6059874241017858476.post-12895338535145834592016-09-13T14:01:08.137+02:002016-09-13T14:01:08.137+02:00Oh and thanks for the informative post :-)Oh and thanks for the informative post :-)Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-6059874241017858476.post-3343280457220442432016-09-13T14:00:33.373+02:002016-09-13T14:00:33.373+02:00if you stand up your new SSO environment using 5.1...if you stand up your new SSO environment using 5.1 first, then upgrade it to 5.5, and then repoint, it should work. 5.1 will use certificates with subjects that will work with the repointing script, whereas 5.5 apparently does not. It's also important to note that if you are have a multi-site or HA SSO environment, then SSO 5.1 must be installed on all nodes prior to upgrading them to 5.5, otherwise the fresh 5.5 install on the additional nodes will still use the bad certs.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-6059874241017858476.post-49218489016048948622016-04-19T09:56:10.161+02:002016-04-19T09:56:10.161+02:00very good post! We ran into the same issues during...very good post! We ran into the same issues during our upgrade. I'd like to add that you need to remove linked mode when using two vCenter servers before re-registering to the new external SSO instance. We had to do a rollback to the previous snapshot as we ran into some issue during the re-registration process. This is mentioned in KB2033620 but just as a side note.<br />A second issue was that certificate warning messages appeared after vCenter 6.0 U2 upgrade even though we installed custom CA signed certificates on the external SSO 5.5 instances. Pointing Certificate Manager again to the same CA signed certificates for SSO fixed this.Ronnynoreply@blogger.com