Troubleshooting VMware Cloud Director Encryption Management as a Cloud Provider

If you lose connectivity or encounter an error when trying to access VMware Cloud Director Encryption Management, you can troubleshoot and remediate your appliance.

Command-line interface and common parameters

You can fetch logs and check the status of a VMware Cloud Director Encryption Management appliance by mounting the ISO file and interfacing with it through command-line. To authenticate your actions, you need to always enter the following authentication parameters as part of your commands:

Parameter	Description
`--host`	VMware Cloud Director host name, where VMware Cloud Director Encryption Management is installed.
`--username`	The user name used to authenticate to the host VMware Cloud Director.
`--password`	The password used to authenticate to the host VMware Cloud Director.
`--insecure` or `--certificate-file`	To ignore certificate validation, use `--insecure`. Alternatively use `--certificate-file` and enter the path to the file with the trusted certificates for validation.

The authentication parameters in the table are hereafter referred to as common_parameters.

1. Fetching and analyzing the log files

The first step in troubleshooting errors with your VMware Cloud Director Encryption Management appliance is to fetch and analyze the log files. There are three types of logs you can fetch:

Log name	Type of events containted in log file
`byok.log`	Contains information and warning events.
`byok-error.log`	Contains error events.
`byok-debug.log`	Contains all events, including information, warning, error, debug, and trace events.

Mount the VMware Cloud Director Encryption Management ISO file using command-line interface and navigate to the cli>your_operating_system folder.
Run the fetch log command, replacing <log_name> with the type of log you want to fetch.
```
vcdemctl appliance logs [common_parameters] --log-name <log_name> --all
```
If you are able to fetch the logs, open them and analyze them for errors. In the byok-debug.log log, scroll down until you see the "Server started" event. If there are no errors afterwards, your appliance is running and operational.
If there are errors after the "Server started" event, go to step 3 to remediate your appliance.
If you get an error when trying to fetch the logs, it may be because the appliance lost connectivity to VMware Cloud Director. Go to step 2.

2. Check appliance status

If you cannot access the logs of your VMware Cloud Director Encryption Management appliance, you need to check the status and network connectivity of the appliance.

Mount the VMware Cloud Director Encryption Management ISO file using command-line interface and navigate to the cli>your_operating_system folder.
Run the command to check the status of your appliance.
```
vcdemctl appliance status [common_parameters]
```
The payload returns data about the status of your appliance.

Important: The returned status is not real-time but is updated every 30 minutes.
If your appliance is running bot not operational, continue with the procedure.
Ensure that virtual machine of the appliance has newtork connectivity with the VMware Cloud Director public endpoint.
In the VMware Cloud Director administrator portal, go to Administration > Provider Access Control > Service Accounts and ensure the encryption-managemenet-system-user service account is active.

When you are done ensuring that all components are properly set up, go back to step 1 and try to fetch the logs again. If you are able to fetch the logs, VMware Cloud Director Encryption Management is most likely operational. If you still experience errors, contact VMware support and provide them with the logs.

In case you still cannot fetch the logs or there are errors in the logs, go to step 3.

3. Remediate VMware Cloud Director Encryption Management

You can remediate the VMware Cloud Director Encryption Management appliance.

On the VMware Cloud Director toolbar, click More > Solution Add-On Management.
Click Encryption Management.
Next to the instance you want to remediate, click the vertical-ellipsis icon () > Remediate.
Click Confirm.
Once the remediation process is complete, refresh your browser and try to access VMware Cloud Director Encryption Management again.

If your issue persists, open a support ticket.