Workaround: Adding an external vRealize Orchestrator 8.x instance to Code Stream

Written by Sam McGeown on 25/6/2021 · Read in about 1 min (207 words)

Published under vRealize Automation and vRealize Orchestrator

Tags: #Code Stream #Endpoint #vRA #vRO #yaml

I was doing some testing with adding an external vRealize Orchestrator 8.4 endpoint to vRealize Automation Code Stream 8.4, and it turns out there’s a redirect that happens with the vRO 8.4 appliance that makes the endpoint validation fail. When you enter the URL and click ACCEPT CERTIFICATE the UI will throw an error:

Server error on getting certificates.
Http failure response for https://<vRA FQDN>/codestream/api/endpoint-certificate?url=https://<vRO FQDN>: 400 Bad Request

It turns out this is because the stand-alone vRO appliance redirects the appliance URL to /vco, where the vRA appliance does not. You can work around this issue by importing your endpoint from the YAML configuration and including the certificate fingerprint - after this the endpoint will validate successfully.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11

---
project: Field Demo
kind: ENDPOINT
name: external-vro
description: 'External vRealize Orchestrator 8.4'
type: vro
properties:
  url: https://smcg-sc2-vro.cmbu.local
  username: configuser
  password: VMware1!
  fingerprint: 6107B3E098C55349B1A216E721568F0C7AE24CE5444A431B49B40957B832AEE5

This should be fixed in the near future, but in the mean time, I hope this saves you a headache!

So, to clarify, when you add a vRealize Orchestrator endpoint to Code Stream:

• On-board - use the vRA FQDN (e.g. https://vra-appliance.cmbu.local)
• External vRO 8.x - use the vRO FQDN, but import via YAML (e.g. https://vro-appliance.cmbu.local)
• External vRO 7.x - use the old vRO format with port and /vco (e.g. https://vro-appliance.cmbu.local:8281/vco)

Share this post