I am going to talk about an error (intriguing one) while configuring vRA/vRO Azure Endpoint. The intent of this blog is very specific to the error you get while configuring the Azure Endpoint.
You are integrating vRA/vRO with Azure Endpoint. You follow one of the below articles:
When you try to integrate vRA/vRO with Azure Endpoint you may get an error:
Unable to create a vCO endpoint of type ‘Azure’.
Reason:’InternalError: com.vmware.o11n.plugins.configurator.util.CertificateException: No certificates found for url https://login.windows.net/ (Workflow:Import a certificate from URL using authenticated proxy server / Validate (item1)#12)’
You may come across this error when your vRO servers are behind a proxy server which is very likely in most of the scenarios. Following URLs are accessed by vRO while connecting to Azure.
Typical proxies usually will do SSL interception which will not work in this case. Therefore, ensure that you speak to your network team and ensure they disable proxy interception on the two URLs above.
Additionally, you must logon to VRO console and import the certs there as shown below for the url https://management.azure.com. This is a requirement.
This is how the imported cert will look like for https://management.azure.net
However, when you try to download the cert for https://login.windows.net it will not work. It will say no certs available.
a) Make sure SSL interception is disabled for https://login.windows.net or https://management.azure.com
b) Allow your proxy to connect vRA/vRO to port 80 or http://login.windows.net to download the cert. In our case we were using JBOSS EWS Forward proxy and I spoke to my colleague to allow port 80 for http://login.windows.net
That fixed the issue. Hope this helps you. If you have any feedback feel free to let me know.