During the preparations for an upcoming training course delivery, I ran into some issues while adding a vCloud Director Instance to vRealize Orchestrator. The vCloud Director plugin offers a workflow to add a connection. After providing the host settings and authentication information the workflow throws the following error.
Error in logging in with user admin to the vCloud host https://sa-vcd-01.vclass.local:443 (Dynamic Script Module name : addHost#18)
The certificates in the lab-kit were updated recently so I first had to make sure the most recent vCloud Director certificate was uploaded to the vRealize Orchestrator appliance. You can do this by running a workflow called import a certificate from URL. Simply specify the URL, in my case https://sa-vcd-01.vclass.local:443 and the option to ignore warnings when using a self-signed certificate.
I gave it another try, but the add a connection workflow still throws the same addHost#18 error.
vRealize orchestrator certificates are managed in the Control Center. The Control Center is available at https://sa-vro-01.vclass.local:8283/vco-controlcenter/config. After selecting certificates, I noticed 3 certificates. One for vCenter and two for vCloud Director. One of the vCD certificates was expired but still on the top of the list. After removing the expired certificate, I was able to add the vCloud Director instance to vRO.
But this is only half the story. In vCloud Director, the vRealize Orchestrator must also be configured as an endpoint for publishing and using workflows in the service library. This can be done by logging into the provider portal and then going to the content libraries.
This is where you will find service management in the library administration. On the vRO Server tab you can ADD a vRealize Orchestrator instance after specifying the hostname and username.
You also need to upload the Trust Anchor. This is the PEM certificate of the vRealize Orchestrator. Retrieving this certificate is possible by using the command line keytool with the keystore password at the vRealize Orchestrator appliance. This procedure is described in this blog article written by Yves Sandfort over at Comdivision. Grab a copy of the PEM certificate with WinSCP from the vRealize Orchstrator appliance and upload the certificate to vCloud Director.
If you try to kick-off workflow from vCloud Director and it still doesn’t show the inventories, make sure that vCenter is also configured correctly as an endpoint in vRealize Orchestrator. The vCenter plugin offers 3 workflows for adding, updating, and deleting a vCenter instance.