To check if you need run the KB https://kb.vmware.com/s/article/87274
Open a SSH and run the command
openssl dgst -verify /var/vmware/applmgmt/fileintegrity/pub.key -signature /var/vmware/applmgmt/fileintegrity/fileintegrity_config.sig /etc/vmware/appliance/fileintegrity_config.json
If the result is Verification Failure, Follow the steps:
- Login to VCSA through ssh using putty.
- Download the script generate_signature.py from the attachment section to in the article.
- Upload the script to the VCSA ” root directory” using WINSCP
Note: If you faced an error while trying to login to VCSA through WINSCP , please run the below command on VCSA (SSH):
# chsh -s /bin/bash root
- Run the script using the command:
# python generate_signature.py
- Run the command:
# openssl dgst -verify /var/vmware/applmgmt/fileintegrity/pub.key -signature /var/vmware/applmgmt/fileintegrity/fileintegrity_config.sig /etc/vmware/appliance/fileintegrity_config.json
This should return a “Verified OK” response.
- Run the following commands:
service-control –stop applmgmt
rm -rf /storage/core/software-update/*
rm -rf /storage/db/patching.db
mv /storage/core/software-packages/staged-configuration.json /storage/core
mv /etc/applmgmt/appliance/software_update_state.conf /storage/core
service-control –start applmgmt
- Retry the update.