After you install custom SSL certificates, attempts to enable vSphere High Availability (HA) fail.

When you attempt to enable vSphere HA on a host with custom SSL certificates installed, the following error message appears: vSphere HA cannot be configured on this host because its SSL thumbprint has not been verified.

When you add a host to vCenter Server, and vCenter Server already trusts the host's SSL certificate, VPX_HOST.EXPECTED_SSL_THUMBPRINT is not populated in the vCenter Server database. vSphere HA obtains the host's SSL thumbprint from this field in the database. Without the thumbprint, you cannot enable vSphere HA.

1

In the vSphere Web Client, disconnect the host that has custom SSL certificates installed.

2

Reconnect the host to vCenter Server.

3

Accept the host's SSL certificate.

4

Enable vSphere HA on the host.