vCenter Server Appliance Component Manager fails with an error when you first deploy it after an upgrade.


You deploy a vCenter Server Appliance instance and receive an error such as the following text:

"Firstboot script execution Error."

"The SSL certificate does not match when connecting to the vCenter Single Sign-On: hostname in certificate didn't match: <> != <localhost.localdom> OR <localhost.localdom> OR <localhost>"


The vCenter Server Appliance instance names do not match the names in the SSL certificates. You must regenerate the certificates to get the correct Fully Qualified Domain Names.


  1. Power on the vCenter Server Appliance 5.5 instance.
  2. Log into the VAMI https://IP:5480.
  3. Make sure that the correct IP address and Hostname are set in the Network Settings.
  4. Select the Certificate regeneration check box.
  5. Restart the vCenter Server Appliance 5.5 instance.

    The vCenter Server, vSphere Web Client, vami, slapd, vCenter Inventory Service, and vCenter Single Sign-On certificates are regenerated with a certificate containing and SubjectAltName containing DNS=vcenter-a IP= certificates no longer contain

  6. Rerun the vCenter Server Appliance 6.0 upgrade.


See Upgrade the vCenter Server Appliance with Embedded vCenter Single Sign-On.