After fixing a failed SSD of one of my lab-hosts I had some minor issues with my vCenter. Whenever I logged on into it I received this error.
“ An error occured while sending an authentication request to the vCenter Single Sign-On server – An error occured when processing the metadate during vCenter Single Sign-On setup – null.”
fair enough I checked the :5480 VAMI of my PSC and vCenter and the vCenter showed me the SSO was not initialized.
BUUUUT, I figured out that this message is completly ok as long as you are having a distributed installation with a dedicated Platform Service Controller (PSC) virtual machine.
–> Let’s grab some log-files of the webclient.
“the time now …. does not fall in the request lifetime interval extended with clock tolerance of 600000 ms: … This might be due to a clock skew problem.”
So what was the problem. My ESXi host had some time-differences within each other based on a longer-outage I had within my home-lab. When I replaced my SSD I did not adjusted my bios-clock and therefore my repaired ESXi host did not match the others. Now the chain reaction takes place. In my lab-environment the vCSA (vCenter and PSC) take their time via VMware-tools based on the ESXi host clock.
–> vCenter was running on ESXi 1 && PSC on ESXi 2 –> Time difference > 60 seconds
So verify your ESXi host are having the correct time –> Make sure you have vCSA time-sync configured via NTP or VMware tools and verify the correct settings via the VAMI.
–> Once again it’s always(97%) time and DNS :-)