Unisphere: "An error occurred while attempting to retrieve the certificate for ESXi: abc"
Summary: The following error is seen when registering ESXi vCenter Server xyz.abc.local in Unisphere for PowerMax 9.1.0.18: "An error occurred while attempting to retrieve the certificate for ESXi:xyz.abc.local A trusted CA-signed certificate is being used. A trusted CA-signed certificate is being used. ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
The following error is seen when registering ESXi vCenter Server xyz.abc.local in Unisphere for PowerMax 9.1.0.18: :
"An error occurred while attempting to retrieve the certificate for ESXi:xyz.abc.local Error:com.emc.em.smc.VirtualIntegration.exceptions.VmWareException: Failed to retrieve the issuer certificate for ESXi: xyz.abc.local Please check that the CA certificate exists on the ESXi/vCenter Server."
Note: xyz.abc.local represents the Fully Qualified Domain Name (FQDN) of the ESXi server with the IP address 11.22.33.44. This is an example.
- A trusted CA-signed certificate is being used.
- The FQDN and IP address of the ESXi vCenter Server respond to pings successfully.
Nslookupresolves the server's FQDN to the correct IP address.- Using the IP instead of the FQDN gives the same error.
- An OpenSSL connection to the FQDN using port 443 is successful.
- TLSv1.2 is being used.
- Checking in the vSphere Client shows that the CA certificate is present on the ESXi vCenter Server as a three-part chain certificate.
The following errors can be found in SMAS.log:
WARN [em.smc.SMC] (default task-48) ManageServerService.getVMwareSystemDetails: Couldn't find a certificate for vCenter/ESXi server details. User has not accepted it ERROR [em.smc.COMMAND] (default task-48) VirtualServerAndVmCommandProcessor.registerVCenterServer: No Certificate found for vCenter/ESXi Server. ERROR [em.smc.SMC] (default task-17) com.emc.em.smc.VirtualIntegration.VirtualDeviceService.obtainCertificate(): Exception Creating Certificate Trust Issuer for: xyz.abc.local ERROR [em.smc.SMC] (default task-17) com.emc.em.smc.VirtualIntegration.VirtualDeviceService.obtainCertificate(): An Error occurred while attempting to retrieve the Certificate for ESXi: xyz.abc.local Error : com.emc.em.smc.VirtualIntegration.exceptions.VmWareException: Failed to retrieve the issuer certificate for ESXi: xyz.abc.local Please Check the CA Certificate exists on the ESXi/vCenter Server [em.smc.COMMAND] (default task-17) VirtualServerAndVmCommandProcessor.registerVCenterServer: An Error occurred while attempting to retrieve the Certificate for ESXi: xyz.abc.local Error: com.emc.em.smc.VirtualIntegration.exceptions.VmWareException: Failed to retrieve the issuer certificate for ESXi: xyz.abc.local Please Check the CA Certificate exists on the ESXi/vCenter Server
Cause
The error indicates that the VMware part of Unisphere cannot connect to the ESXi certificate. It is not related to the Unisphere certificate.
Resolution
The VMware ViClient handles the certificate chain. Unisphere passes the location of the .pem certificate to VMware, so there is an issue in the certificate logic wherein more than x (for example, two) certificates in the trust chain are not supported.
The ESXi certs may not be set up correctly.
There is also an enhancement for certificate handling in Unisphere regarding certificate chain length. A fix is planned for the Q3 2022 Security e-Pack. Engage Dell support for further details.
Article Properties
Article Number: 000184093
Article Type: Solution
Last Modified: 07 Aug 2025
Version: 5
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.