While I’m rebuilding my lab I decided to upgrade my Windows domain to Server 2025 as well, and one of the other new changes I made was to go back to a Windows based SFTP server for my VMware Cloud Foundation backups instead of the Photon appliance I was using. I did this mainly because I went back to a physical SFTP server running on an ASUS NUC 13th gen.
As with any new changes, there are new issues that arise and I quickly realized configuring the SFTP backups in the VCF fleet manager wasn’t going to be quick. If you are interested in building a Windows-Based SFTP server, check out the instructions on WinSCP which is what I used to build this SFTP server using OpenSSH.
While I was configuring backups in the fleet manager for my management domain, they kept failing to configure on VCF Automation and Identity broker due to the below error:
Error Code: LCMVMSP10035
Error Message:
Synthetic checker on the application platform failed.
Synthetic check failed. Please refer to Broadcom Knowledge Base Article 389510 for remediation details.
“platform-vmsp-platform-sftp: failed to cleanup remote file: sftp: “” (unknown)”
I quickly found out this is due to it being a Windows based SFTP server and luckily this was a known issue already, the Broadcom Knowledgebase article helped me resolve the issue. I will also list the steps down below for quicker reference.
First you’ll need to ssh into the node that is having issues, which will require passwords. If you automated the password creation you will need to obtain the password by following this Broadcom Knowledgebase article. I manually setup my password so I run PowerShell as an administrator from my management workstation and entered:
ssh vmware-system-user@<VCFA_NODE_IP>
Then I switched to root user:
sudo -su root
Export the Kubernetes configuration:
export KUBECONFIG=/etc/kubernetes/admin.conf
Finally I disabled the check that is causing this failure:
kubectl patch rt $(kubectl get rt -n vmsp-platform | grep synthetic-checker | awk ‘{print $1}’) -n vmsp-platform –type=’json’ -p='[{“op”: “replace”, “path”: “/spec/helm/values/sftpCheck/enable”, “value”: false}]’
After completing these steps, the configuration completed successfully, I repeated this process for the other appliance that was failing.