Upgrading to vRealize Automation 7.3 makes changes to endpoints in the target environment.
After you upgrade to vRealize Automation 7.3, you must use the Test Connection action for all applicable endpoints. You might also need to make adjustments to some upgraded endpoints. For more information, see Considerations When Working With Upgraded or Migrated Endpoints.
The default security setting for upgraded or migrated endpoints is to not accept untrusted certificates.
After upgrading or migrating from pre-vRealize Automation 7.3, if you were using untrusted certificates you must perform the following steps for all vSphere and NSX endpoints to enable certificate validation. Otherwise, the endpoint operations fail with certificate errors. For more information see VMware Knowledge Base articles Endpoint communication is broken after upgrade to vRA 7.3 (2150230) at http://kb.vmware.com/kb/2150230 and How to download and install vCenter Server root certificates to avoid Web Browser certificate warnings (2108294) at http://kb.vmware.com/kb/2108294.
After upgrade or migration, log in to the vRealize Automation vSphere agent machine and restart your vSphere agents by using the Services tab.
Migration might not restart all agents, so manually restart them if needed.
Wait for at least one ping report to finish. It takes a minute or two for a ping report to finish.
When the vSphere agents have started data collection, log in to vRealize Automation as an IaaS administrator.
Edit a vSphere endpoint and click Test Connection.
If a certificate prompt appears, click OK to accept the certificate.
If a certificate prompt does not appear, the certificate might currently be correctly stored in a trusted root authority of the Windows machine hosting service for the endpoint, for example as a proxy agent machine or DEM machine.
Click OK to apply the certificate acceptance and save the endpoint.
Repeat this procedure for each vSphere endpoint.
Repeat this procedure for each NSX endpoint.
If the Test Connection action is successful but some data collection or provisioning operations fail, you can install the same certificate on all the agent machines that serve the endpoint and on all DEM machines. Alternatively, you can uninstall the certificate from existing machines and repeat the above procedure for the failing endpoint.