VCH Deployment Fails with Missing Common Name Error Even When TLS Options Are Specified Correctly
If you deploy a virtual container host (VCH) and you have specified one of the
vic-machine create --tls-cname,
--no-tls options, or you set a static IP address on the client network, the deployment fails with an error about the certificate Common Name being missing.
Deployment fails during the validation of the configuration that you provided, even if you did specify a TLS option or you set a static IP address on the client network. For example:
$ vic-machine-windows create --target 'Administrator@vsphere.local:password'@vcenter_server --bridge-network vic bridge --no-tls ### Installing VCH #### [...] Common Name must be provided when generating certificates for client authentication: [...] Create cannot continue: unable to generate certificates -------------------- vic-machine-windows.exe failed: provide Common Name for server certificate
If you include a TLS option at the beginning of the
vic-machine create command rather than the end, you see the following error:
$ vic-machine-windows create --target 'Administrator@vsphere.local:password'@vcenter_server --no-tls --bridge-network vic bridge ### Installing VCH #### [...] Unknown argument: bridge -------------------- vic-machine-windows.exe failed: invalid CLI arguments
String values that you provided for certain options contain spaces or special characters that you did not escape with quotations marks. The
vic-machine create input validator validates the arguments that you provide only as far as the argument that includes the space or special character. If you specify the TLS option before the argument with the space or special character,
vic-machine create throws the correct error message. However, if you specify the TLS option after the argument that includes the space or special character, the
vic-machine create validator stops before it reaches the TLS option, and so throws the error about the missing Common Name.
Wrap any arguments that contain spaces or special characters in single quotation marks (') on Mac OS and Linux and in double quotation marks (") on Windows.
Option arguments that might require quotation marks include the following:
- User names and passwords in
--target, or in
- Datacenter names in
- VCH names in
- Datastore names and paths in
- Network and port group names in all networking options.
- Cluster and resource pool names in
- Folder names in the paths for