VMware ESX 3.5 Update Manager Failure
Posted on June 06, 2011 in Documentation tagged with esx, signature expired, Update, vmwareIf you are suddenly (June 2011) unable to Scan for Updates or Remediate VMware ESX 3.5 Hosts, you may be without ESX350-201012410-BG (VMware KB 1030001). When running ESXUpdate via SSH on the host, you’ll receive an Integrity Error that includes “Signature 0BFA1C860F0B0A6CF5CD5D2AEE7835B14789B619: keyExpired: 4789B619″
To resolve this, you’ll need to bypass the Signature Requirement for patching so the new Secure Key Patch can be applied. To do this, connect via SSH to the host, and run the following command.
esxupdate -d http://patchdepoturlhere --nosig update
This will install all updates and reboot the host, so be sure it’s in maintenance mode prior to running the command. After the host has been patched in this method, you’ll be able to use the VUM GUI again.
thx
OK but after the restart how we can enable again the Signature requirement for VMware patches??
The –nosig option is a one time deal. There is an update that installs a new signature that isn’t expired. Once that’s installed, you can use Update Manager (or just ESXUpdate) for future updates.
thanks so much. this has been killing me.
so many different causes for the same symptoms, but this was the cause of mine
Thanks – I had all the updates locally so I had to modify the command slightly to work
I found from within the update directory
esxupdate –nosig update worked like a champ. thanks again – I was worried I would have to do all these updates in the data center and not from home.
Thanks for the useful information. It has worked.