DSVA (Deep Security Virtual Appliance) Open Virtualization Format (OVF) validation error on VMware vCenter Server 8.0.2

Product / Version includes:

Deep SecurityAll

Last updated: 2024/07/31

Solution ID: KA-0015529

Category: Troubleshoot , Deploy

Summary

The recent VMware vCenter Server 8.0 Update 2 (8.0.2) adds more security validation on 3rd VIB/OVF URLs on EAM module. As a result of this update, the following may be encountered:
• The vCenter server 8.0.2 pre-update check shows that the DSVA OVF is not validated. The following error is encountered:
"Source ESX Agent Manager Configuration contains URLs that are not trusted by the System!"

For details of this error, refer to the VMware KB, Upgrade Pre-check states "Source ESX Agent Manager Configuration contains URLs that are not trusted by the System!" (93526).

• Deployment/update of DSVA from NSX-T fails.

For details of this error, refer to the VMware KB, EAM API call fails with CertificateNotTrustedFault or EAM agent has CertificateNotTrusted issue. (93130).

Below are 2 workarounds you may choose from:

Option 1: Configure a leaf SSL certificate that is to be trusted for a specific VIB or OVF URL.
#/usr/lib/vmware-eam/bin/eam-utility.py install-cert <VIB/OVF URL>
Option 2: Disable the SSL certificate verification for a specific VIB or OVF URL.
#/usr/lib/vmware-eam/bin/eam-utility.py disable-trust <VIB/OVF URL>

Please make sure to check the /etc/vmware-eam/depot-trust.json file that shows 6 DSVA OVF URLs to be trusted or disabled for trust validation.

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

DSVA (Deep Security Virtual Appliance) Open Virtualization Format (OVF) validation error on VMware vCenter Server 8.0.2

DSVA (Deep Security Virtual Appliance) Open Virtualization Format (OVF) validation error on VMware vCenter Server 8.0.2

Product / Version includes:

Summary